r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10484
Expires: Tue, 21 Mar 2023 18:12:14 GMT
Date: Tue, 21 Mar 2023 15:17:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Tue, 21 Mar 2023 17:51:40 GMT
Date: Tue, 21 Mar 2023 15:17:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 14:27:25 GMT
content-type: application/json
age: 3005
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10780
Expires: Tue, 21 Mar 2023 18:17:10 GMT
Date: Tue, 21 Mar 2023 15:17:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ym/i73r5G+N4eWpCd9b6SQIZZULsGMXttEkdvCmgI/a+7H3LHZIlDz4Jr7mlpWFNfxYJjbc80a0=
x-amz-request-id: KVP93GN1PSAENYYQ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 14:53:13 GMT
age: 1457
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
67.207.68.140 200 OK 32 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1021), with CRLF line terminators
Hash bc3251eccd000a05bffaaaa770e0a3bb
a736b1bc2e3ec217e7543faa93b7a3c233788117
abdf1d346aafbedb04d62d9cf0aad20220ba0a89013fb6e0732f152626c144b0
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017
GET /cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33, PleskLin
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 15:17:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.cmfoods.co.uk/cmde.imrc/5/media/style.css
67.207.68.140 200 OK 145 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/style.css
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Size 145 kB (145055 bytes)
Hash ac922ecbe9a3c9017307bf651658c774
6934fbde5b9d13334381abaffff81dd252208d56
1df1b081d0aad204d6669abbb9dee7b49ef68b4de44f052b29b24382e5af4766
GET /cmde.imrc/5/media/style.css HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: text/css
Content-Length: 145055
Last-Modified: Thu, 03 Dec 2020 03:46:20 GMT
Connection: keep-alive
ETag: "5fc85f8c-2369f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/styles.css
67.207.68.140 200 OK 238 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/styles.css
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65352)
Size 238 kB (237450 bytes)
Hash 9513f5546ed180f2e9adef1d52213db9
1cd1ee09e2ca5b2f2719fef46a59096c6dafe6bb
ce6346046fc87765e2815794dccc487fb95284bdb76697f7e53ca450b0641eaa
GET /cmde.imrc/5/media/styles.css HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: text/css
Content-Length: 237450
Last-Modified: Wed, 02 Dec 2020 09:24:56 GMT
Connection: keep-alive
ETag: "5fc75d68-39f8a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/jquery-2.2.3.js
67.207.68.140 200 OK 259 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/jquery-2.2.3.js
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
Size 259 kB (258648 bytes)
Hash aacc43d6f308fa362ac85e3f4fb2b30c
09b2fbec3c6e662be486da501a913d4b93ad39eb
95a5d6b46c9da70a89f0903e5fdc769a2c266a22a19fcb5598e5448a044db4fe
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/jquery-2.2.3.js HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: application/javascript
Content-Length: 258648
Last-Modified: Tue, 17 Nov 2020 02:38:44 GMT
Connection: keep-alive
ETag: "5fb337b4-3f258"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/Experience.svg
67.207.68.140 200 OK 12 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/Experience.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (893)
Hash 3c30ea4f3370147c14d614b4e82323b1
f212ae8d2f0d655a1aed7ca8b43c13ba96aa159e
3bf07d30c5c5867acf6a3ec763086a9c3d1ea5c7e6783c1550e1309c67e59bf3
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/Experience.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 12340
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-3034"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/AppStoreBadge.svg
67.207.68.140 200 OK 12 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/AppStoreBadge.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1cfd5dba4a9210bcf77f5dbe48ec2e66
b18020f162dece51251489be269db7629a223fcd
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/AppStoreBadge.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 12224
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-2fc0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/GooglePlay.svg
67.207.68.140 200 OK 23 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/GooglePlay.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2954)
Hash 56b446863643039c5c386e785054f8f8
8509aa1bbc637474b87bb386d4d23f2a73283cd9
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/GooglePlay.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 22795
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-590b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/HuaweiStoreBadge.svg
67.207.68.140 200 OK 23 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/HuaweiStoreBadge.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1948)
Hash ebca1ba48fc8843d69e32d98d233b928
68b6d14f6b8e0cea4c98b933ed5cc489d46134f9
1ff2a8671111fb294acbd910e0ff757971eaeb4b381206de8ebabb38e259ca15
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/HuaweiStoreBadge.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 22958
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-59ae"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/login-secure.svg
67.207.68.140 200 OK 5.5 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/login-secure.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2575)
Hash 2ac190a1585df4726aaab558465a3677
4724c9e5a01d8a67502afa1f3aee0a799c5e674f
5c6c8d8c0e52c66587d5f15d69de975d84894fc26afc864cd7b3eebde68b426c
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/login-secure.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 5523
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-1593"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/login-fast.svg
67.207.68.140 200 OK 5.3 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/login-fast.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2974)
Hash 81a16172e4f2f3144e41fb7b161479ce
e402f0b8ba2d98fb397e153ab2f479d323ba0c96
e79680516f7aebb8535d875afb21b608dc955fa48f3084502858ea7513ba547c
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/login-fast.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 5286
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-14a6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/Error_Orange.svg
67.207.68.140 200 OK 933 B URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/Error_Orange.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (349)
Hash ea909396b604c3c01db7d3608ebb259e
7fb0f3707716e3ecad2addecbaee8b8079154813
24af98f5927069908c81e519b1082493492411999b322d3297a0be59baed39ed
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/Error_Orange.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 933
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
ETag: "3a5-5b577af292c00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.cmfoods.co.uk/cmde.imrc/5/media/entrust_site_seal_ssl.png
67.207.68.140 200 OK 19 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/entrust_site_seal_ssl.png
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash e47461fd49a0426768698ade98b259e2
501132059c531265f3898e5b6d8646ac3886cfbb
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54
GET /cmde.imrc/5/media/entrust_site_seal_ssl.png HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/png
Content-Length: 18758
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-4946"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/login-easy.svg
67.207.68.140 200 OK 4.1 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/login-easy.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2053)
Hash f0d22f982d5b06f6ddcc86d4ea20b34c
78d94235b41832ad6ccae8471754c787d6cae604
9731178a65895ad7a2835bb97c7d3e1fbb030448ce0af77fad66d45559beee0d
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/login-easy.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/svg+xml
Content-Length: 4147
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Connection: keep-alive
ETag: "5fc75b30-1033"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/icon-512x512.png
67.207.68.140 200 OK 41 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/icon-512x512.png
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 512 x 512, 8-bit/color RGBA, interlaced\012- data
Hash 45dc0d3ba9b11c9e0358ab3b418f7fcc
904740c7345e3770815dc35ab72b8f2e2b7b5ba1
fcb0dba575e2a3be211208f2a81a519c5d61109ebe399731d140ce5d87ed0920
GET /cmde.imrc/5/media/icon-512x512.png HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/png
Content-Length: 40873
Last-Modified: Wed, 02 Dec 2020 09:23:14 GMT
Connection: keep-alive
ETag: "5fc75d02-9fa9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/favicon.ico
67.207.68.140 200 OK 1.4 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/favicon.ico
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 1 icon, 18x18, 32 bits/pixel\012- data
Hash 68773d46f68cd092f7aac1b70d211e01
bbe705f043f03d491232a63d29e5b8b6befb031e
4fbd7df4e4d5012b82c14234382d58275c3fe42c98162c05bbb4bc98c79ef9f5
GET /cmde.imrc/5/media/favicon.ico HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/login.php?session_id=r2Ohjeihg6cnmMl1QBGHJTxuE730IUs1BBerkVhpNaL4YT6NSzu0lLSHdqTyo1eoVQmjRuXJ6WTWdT4D
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:30 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1430
Last-Modified: Wed, 02 Dec 2020 09:23:14 GMT
Connection: keep-alive
ETag: "5fc75d02-596"
X-Powered-By: PleskLin
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 15:14:33 GMT
age: 177
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11163
Expires: Tue, 21 Mar 2023 18:23:34 GMT
Date: Tue, 21 Mar 2023 15:17:31 GMT
Connection: keep-alive
www.cmfoods.co.uk/cmde.imrc/5/media/cookie-icon.svg
67.207.68.140 200 OK 1.9 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/cookie-icon.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (534), with CRLF line terminators
Hash 3500cea77fa8facce19a3d78e3d65efd
64561c1fa2bbc10d14ef7ad215215d87131ca614
fe40a000e17d2ff50ee03ddf8fa43c29b4f7bac9008cce7f94e649a072cbd9bf
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/cookie-icon.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 1910
Last-Modified: Thu, 03 Dec 2020 02:00:04 GMT
Connection: keep-alive
ETag: "5fc846a4-776"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/NedbankIcon.svg
67.207.68.140 200 OK 1.3 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/NedbankIcon.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (483), with CRLF line terminators
Hash 4524fe949ec4e8fc09e53b254a9309ec
e48ebe170ce00e6c1ff6b85d1a6958941c52b4b0
9f03e50b45def1c758746fc72c3dd9f465eafa79f4b98226406af667fadb13dc
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/NedbankIcon.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 1336
Last-Modified: Wed, 02 Dec 2020 09:26:52 GMT
Connection: keep-alive
ETag: "5fc75ddc-538"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/cross-close-white.svg
67.207.68.140 200 OK 237 B URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/cross-close-white.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 378eae90527ac0e3766c3798c76b5b64
72a5a3167ae6fe2f434e7bdb2650d9f781c35020
89252245ff4ddb40f7d961d7112209c4d5b1a206392146027dddecc04b53c999
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/cross-close-white.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 237
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Dec 2020 09:29:08 GMT
ETag: "ed-5b577e0096100"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.cmfoods.co.uk/cmde.imrc/5/media/icon-chat-thin.svg
67.207.68.140 200 OK 741 B URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/icon-chat-thin.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (447), with CRLF line terminators
Hash 83f7e92164b236b189f0f97f35813eae
948bcd0ad350232f160457b2aabed9812ebd801c
ccdad4ff98cc6f06e6e4469c2f153cd05e16a7bb390e5db677ab2f4fa85ce0cd
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/icon-chat-thin.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 741
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Dec 2020 09:25:26 GMT
ETag: "2e5-5b577d2cded80"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.cmfoods.co.uk/cmde.imrc/5/media/location-blank-green.svg
67.207.68.140 200 OK 1.2 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/location-blank-green.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (359), with CRLF line terminators
Hash 15be25902bd569e3e4659d742681e2fb
613050d4c8541fea62a4123605610b3610917fb3
cd12b1387c0081203b3cc5c14e644e0368bd887e0002d6a78f4ce89184079c7b
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/location-blank-green.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 1170
Last-Modified: Wed, 02 Dec 2020 09:28:54 GMT
Connection: keep-alive
ETag: "5fc75e56-492"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/contact-blank-green.svg
67.207.68.140 200 OK 1.1 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/contact-blank-green.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 45328cfea483e7616bd24d895061746f
254babed655099ecabde38fdd2a9eebe4745197e
34870e9d178688052bf6ac99404873d4ba713b026369a811083b588d9d803312
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/contact-blank-green.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 1125
Last-Modified: Wed, 02 Dec 2020 09:27:00 GMT
Connection: keep-alive
ETag: "5fc75de4-465"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/demo-icon.svg
67.207.68.140 200 OK 1.6 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/demo-icon.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1093), with CRLF line terminators
Hash 743f7630b78dcb8c373e994da6945761
16a1b674069131ac8b01bdb0fb0977ccfc78da6e
d618a969357e7068c902c05acd681131cf186ff0fbe53f35c7519980f33a32ea
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/demo-icon.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 1628
Last-Modified: Wed, 02 Dec 2020 09:27:48 GMT
Connection: keep-alive
ETag: "5fc75e14-65c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/outline-cheque.svg
67.207.68.140 200 OK 259 B URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/outline-cheque.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 4a2b65b698559fc79b4e013118ab7f95
7c09f88b6ad294979142eb11bf2fe87b51b350a8
cce1cb057aba624a402810787efca075b01266b8c7d70fbfc29c06e04c9db877
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/outline-cheque.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 259
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Dec 2020 09:26:32 GMT
ETag: "103-5b577d6bd0200"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.cmfoods.co.uk/cmde.imrc/5/media/Arrow.svg
67.207.68.140 200 OK 761 B URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/Arrow.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b303c49924ce1909fcbcc33522ebf8f5
d1c3ab0e640f7fb06962d72a7b5799e7a1c1811f
636a98e693146284effe41930c519a43f586aca7769d8a4acb64b8dbbb9ef5e2
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/Arrow.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 761
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Dec 2020 09:29:50 GMT
ETag: "2f9-5b577e28a3f80"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.cmfoods.co.uk/cmde.imrc/5/media/FontFont%20-%20MarkPro.otf
67.207.68.140 200 OK 165 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/FontFont%20-%20MarkPro.otf
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type OpenType font data\012- data
Size 165 kB (165396 bytes)
Hash 12d6724a254d3be629fc6b2871ae5a6a
d3a93c9ed090be9366b9513e5515e8e19ff48459
eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/FontFont%20-%20MarkPro.otf HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: application/vnd.oasis.opendocument.formula-template
Content-Length: 165396
Last-Modified: Wed, 02 Dec 2020 09:23:24 GMT
Connection: keep-alive
ETag: "5fc75d0c-28614"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/FontFont%20-%20MarkPro-Bold.otf
67.207.68.140 200 OK 166 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/FontFont%20-%20MarkPro-Bold.otf
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type OpenType font data\012- data
Size 166 kB (165936 bytes)
Hash 476d44b0f6c8939bb8859c9ce7598310
cd8fb565970c2750a12b3b47b1869578f7a041fb
979af22174e46123e6fb3c96d96360ba0ea7a5dbd00ae97ab1ebefae9c284d37
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/FontFont%20-%20MarkPro-Bold.otf HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: application/vnd.oasis.opendocument.formula-template
Content-Length: 165936
Last-Modified: Wed, 02 Dec 2020 09:23:30 GMT
Connection: keep-alive
ETag: "5fc75d12-28830"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.cmfoods.co.uk/cmde.imrc/5/media/Eye-Show.svg
67.207.68.140 200 OK 969 B URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/Eye-Show.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 73c874f4bd757bebaedc93137dec93cd
28a3a7ff7f4c6665f91dc9e5f686516dd412b594
3b5618abb126e7405b0ee27b5e979d3ac3bb85f8923191268cd27fb768888cd0
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/Eye-Show.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: image/svg+xml
Content-Length: 969
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Dec 2020 09:27:16 GMT
ETag: "3c9-5b577d95c6500"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.cmfoods.co.uk/cmde.imrc/5/media/close-gray.svg
67.207.68.140 200 OK 1.9 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/close-gray.svg
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a1c98318d4817ba59ad6274c57448a6e
6c08220befdc5571482d403c3f57989b3149517c
870f98a3f5f6c48980338e74f6bee5bf2c1ae12bf249e85a508a0fd0bd7a91c0
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/close-gray.svg HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33, PleskLin
www.cmfoods.co.uk/cmde.imrc/5/media/FontFont%20-%20MarkPro-Medium.otf
67.207.68.140 200 OK 162 kB URL HTTP/1.1 www.cmfoods.co.uk/cmde.imrc/5/media/FontFont%20-%20MarkPro-Medium.otf
IP 67.207.68.140:0
ASN #14061 DIGITALOCEAN-ASN
File type OpenType font data\012- data
Size 162 kB (162260 bytes)
Hash 8531ae94f5ad973be8b718f88e9660ed
a6d5635dcebab54c459a725da9a892017627a994
ad51841bf5cf5eb27ead0ae50f936f678eeb2d4e1be6035e83fce13b0e3b83bb
Analyzer Verdict Alert fortinet Phishing
GET /cmde.imrc/5/media/FontFont%20-%20MarkPro-Medium.otf HTTP/1.1
Host: www.cmfoods.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cmfoods.co.uk/cmde.imrc/5/media/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 15:17:31 GMT
Content-Type: application/vnd.oasis.opendocument.formula-template
Content-Length: 162260
Last-Modified: Wed, 02 Dec 2020 09:23:34 GMT
Connection: keep-alive
ETag: "5fc75d16-279d4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
push.services.mozilla.com/
54.148.242.254 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.242.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wqloM4c5kKq82gPbpn2ymw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DbdEYw+2HtIRNlNaDjpDgOdeKRY=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18208
Expires: Tue, 21 Mar 2023 20:21:00 GMT
Date: Tue, 21 Mar 2023 15:17:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e538277f72ecedd22d24c1012250fa9e
4bd955ea3790a6926486e3d56f51c712c56997d7
5f4d374598cfb1a78e7016ec3a0b563e61e7481be202c34b10c9fdfbfc7b638e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 3aaca817-ebbc-449f-806c-d5a2a7559335
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFEmFIAMFqhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-435381723c24efc66eed6b4b;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GIjvleZ9_Ylizb0wtrfvVrU8qtjVdojVpS3IGmBZaqtLha42eEMBJw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:17:11 GMT
age: 61221
etag: "4bd955ea3790a6926486e3d56f51c712c56997d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 02HknfEEVW-DU3f3sOQgfs_eL48pvEgV4ft__uRLXOFlDO5qX5tDsQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:49:06 GMT
age: 62906
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 61832
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:08 GMT
age: 62724
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0e5cb0b321323913460ba1efd6b7b63
701eb0eb86c6673bbb6e85cf933bea53187b6048
150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: a-jsgTjZQKzBK_IFEYlrxbjpk6zou_7vbQe4ptwA1IOtUdlqDG2uWA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 13:27:42 GMT
age: 6590
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: d81ObS_T4QBMAr1KU_lJ1hJC4FMqpJNCreDNuU481S4RZo3aQxMkaQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 07:20:22 GMT
age: 28630
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2