www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
54.83.152.79 200 OK 3.6 kB URL User Request GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
IP 54.83.152.79:443
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (7968)
Hash 098d4c55405daf744b685e918f6a8518
7c73ed379a974339b80c0cd10d391c398ca3e291
c8bc70e7c158659522d2feddbca81702b2cb07d47b253ce72325a08eaab1a5e1
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/ HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:54 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 08:43:44 GMT
ETag: "25e0-60a4104721000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3637
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/_6X1Yz9OdXS.css
54.83.152.79 200 OK 4.6 kB URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/_6X1Yz9OdXS.css
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type ASCII text, with very long lines (3845)
Hash ea469ee0eaadb46dd3dea5a765163695
60529985646b72086a6aa8bf00fef9c730680cec
377011ad65485a43c144e17ede0e1a546805ced26dabf7012dc6b17dbee61e2f
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/_6X1Yz9OdXS.css HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:54 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "4772-60a3a36cc3f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4620
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/GWkTLZI8Uwb.css
54.83.152.79 200 OK 1.6 kB URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/GWkTLZI8Uwb.css
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type ASCII text, with very long lines (919)
Hash 28503c69f0f90dedd8a88d6fce38dd49
188a651f3e44a9f1bd449d17854fce2ebc75c106
1753449362e1b67f207d76fe61821d681a94f6b2bcc9dedb082c96199331a424
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/GWkTLZI8Uwb.css HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:54 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:42 GMT
ETag: "eae-60a3a36adba80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1567
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/Xwuiz-eD1or.css
54.83.152.79 200 OK 648 B URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/Xwuiz-eD1or.css
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type ASCII text, with very long lines (1400)
Hash 9a0af9f955c0ca075cafe0bb11c7e012
2cff0a046d58280e1c2ce820395f875733642c2d
f778944563d98d8104746c3cf54a60d8d52a7df0c9b73d86cf5679e184d2295c
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/Xwuiz-eD1or.css HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "758-60a3a36cc3f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 648
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/6Iat9vceOOw.css
54.83.152.79 200 OK 8.9 kB URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/6Iat9vceOOw.css
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type ASCII text, with very long lines (4583)
Hash c0b9f05aed021b5402b6a9c0caf55762
e06da0c123d6a258c919455ce26067b74dc7cd65
2abce7f120d207f2f9db00e4fc8ae7ac1262d0d567bc537d30a15e0efced8db9
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/6Iat9vceOOw.css HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "925b-60a3a36cc3f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8921
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/kmPnw_xy3PP.css
54.83.152.79 200 OK 1.3 kB URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/kmPnw_xy3PP.css
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type ASCII text, with very long lines (3253)
Hash 2d5f5b8f6492db332d37db7e1fb2a291
226ee9d43e3a46f2e688aeb5650683c1b723c09e
19e45501a86fbc33ce44ee262a2a74a309682d48656215b6277ba12108808cae
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/kmPnw_xy3PP.css HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "12d7-60a3a36cc3f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1254
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/jUHn-1PzXx7.css
54.83.152.79 200 OK 917 B URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/jUHn-1PzXx7.css
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type ASCII text, with very long lines (943)
Hash a308535c832686478bcb17fc48e3851d
e9b1328cbf64addb91f8d4e240f4b746d7a2641d
71abe6e93371510b542e14f7f1e188ca0e3b99648ac7eed179351cda7cd77d89
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/jUHn-1PzXx7.css HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "894-60a3a36cc3f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 917
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/hsts-pixel.gif
54.83.152.79 200 OK 43 B URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/hsts-pixel.gif
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type GIF image data, version 89a, 1 x 1; data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/hsts-pixel.gif HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "2b-60a3a36cc3f00"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/gif
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/4lCu2zih0ca.svg
54.83.152.79 200 OK 2.5 kB URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/4lCu2zih0ca.svg
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type SVG Scalable Vector Graphics image; ASCII text, with very long lines (2439)
Hash ecd94021d2c853c3b8deb8203ba17300
6f0e24baf66ae386041e8faf42363418a4c96144
0d6f8d206a6bd8b60a2048a3df206ac956a2f633786e4af1c02057f81758ad7a
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/4lCu2zih0ca.svg HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "9f5-60a3a36cc3f00"
Accept-Ranges: bytes
Content-Length: 2549
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/O7nelmd9XSI.png
54.83.152.79 200 OK 95 B URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/O7nelmd9XSI.png
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced; data
Hash 39c11d656220efd52f4965400d14900a
327050099cee8d1ad81e7bfbe5ca2ea057780a87
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/O7nelmd9XSI.png HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/_6X1Yz9OdXS.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "5f-60a3a36cc3f00"
Accept-Ranges: bytes
Content-Length: 95
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/oLQ2XLos1GB.png
54.83.152.79 200 OK 31 kB URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/oLQ2XLos1GB.png
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type PNG image data, 849 x 942, 8-bit colormap, non-interlaced; data
Hash 53c223e7b9ba9892e131f996a12b95d3
832303f12d73895822772878ef39d412460e3e88
7e01409adcfa7be88df347204a543a8d53b1d7a4852757a7e248dc5765a91d33
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/oLQ2XLos1GB.png HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/6Iat9vceOOw.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:44 GMT
ETag: "7968-60a3a36cc3f00"
Accept-Ranges: bytes
Content-Length: 31080
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/hLRJ1GG_y0J.ico
54.83.152.79 200 OK 4.3 kB URL GET HTTP/1.1 www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/hLRJ1GG_y0J.ico
IP 54.83.152.79:443
Requested by https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
Certificate Issuer Let's Encrypt
Subject www.jbaddoclothiers.com
Fingerprint 4C:BF:7A:80:58:34:3A:72:21:CC:C9:7B:95:0C:05:7B:2D:12:74:8C
Validity Sun, 19 Nov 2023 05:31:36 GMT - Sat, 17 Feb 2024 05:31:35 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel; data
Hash 8cddca427dae9b925e73432f8733e05a
1999a6f624a25cfd938eef6492d34fdc4f55dedc
89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
Analyzer Verdict Alert urlquery phishing Phishing - Facebook
GET /wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/hLRJ1GG_y0J.ico HTTP/1.1
Host: www.jbaddoclothiers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jbaddoclothiers.com/wp-content/uploads/gravity_forms/f/d/c/h/test/configXFE/FaceBook/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 15:31:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2023 00:36:42 GMT
ETag: "10be-60a3a36adba80"
Accept-Ranges: bytes
Content-Length: 4286
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/x-icon