r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2422
Expires: Sat, 26 Nov 2022 12:31:04 GMT
Date: Sat, 26 Nov 2022 11:50:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4723
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:50:42 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:59 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5095
Expires: Sat, 26 Nov 2022 13:15:37 GMT
Date: Sat, 26 Nov 2022 11:50:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 11:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1889
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BQB40y3ip/Tt1agGlSbVYq3fRFSCsG0VrUBksMXpObyiwplu2+VozOFRhLqOKEV0V/vxK7KQJGw=
x-amz-request-id: VK0DQZ5XM3DP6MK0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 11:44:13 GMT
age: 389
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/
192.185.48.199 200 OK 20 kB URL HTTP/1.1 socklove.vegasfootlove.com/
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash d57a9d95938195dea0ec7d4fa7ef0b76
9e935ec91ca6bec1e7b2ee88c6337fcec8dcbf3f
95e25671be580cded68522d2af65470044e975e9eb861e211f1f6519166471d2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 11:50:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 Nov 2022 22:44:37 GMT
Accept-Ranges: bytes
Cache-Control: max-age=300
Expires: Sat, 26 Nov 2022 11:55:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 11:50:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700&display=swap
142.250.74.10 200 OK 818 B URL HTTP/1.1 fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700&display=swap
IP 142.250.74.10:0
Hash 55e7b7c8b472af2be2314cd0b6ff5f03
e801c9aae7e6ea0cde7a41e63ffa2032b5482e12
26bcfbd86117ba535d4a629e36b60b982a241112b2d4926009bd241876067bf7
GET /css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 26 Nov 2022 11:50:42 GMT
Date: Sat, 26 Nov 2022 11:50:42 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38393e84de29f5b575dbfe2d4e482978
8d6cf9490ab68dbd557f23c5201064727eff643d
c0f3eeab01c21301e8907860be0ba37300df6d154edc838e9c4061355a3e4586
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0F3EEAB01C21301E8907860BE0BA37300DF6D154EDC838E9C4061355A3E4586"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 17:50:43 GMT
Date: Sat, 26 Nov 2022 11:50:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38393e84de29f5b575dbfe2d4e482978
8d6cf9490ab68dbd557f23c5201064727eff643d
c0f3eeab01c21301e8907860be0ba37300df6d154edc838e9c4061355a3e4586
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0F3EEAB01C21301E8907860BE0BA37300DF6D154EDC838E9C4061355A3E4586"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 17:50:43 GMT
Date: Sat, 26 Nov 2022 11:50:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38393e84de29f5b575dbfe2d4e482978
8d6cf9490ab68dbd557f23c5201064727eff643d
c0f3eeab01c21301e8907860be0ba37300df6d154edc838e9c4061355a3e4586
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0F3EEAB01C21301E8907860BE0BA37300DF6D154EDC838E9C4061355A3E4586"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21515
Expires: Sat, 26 Nov 2022 17:49:18 GMT
Date: Sat, 26 Nov 2022 11:50:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38393e84de29f5b575dbfe2d4e482978
8d6cf9490ab68dbd557f23c5201064727eff643d
c0f3eeab01c21301e8907860be0ba37300df6d154edc838e9c4061355a3e4586
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0F3EEAB01C21301E8907860BE0BA37300DF6D154EDC838E9C4061355A3E4586"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21564
Expires: Sat, 26 Nov 2022 17:50:07 GMT
Date: Sat, 26 Nov 2022 11:50:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 11:08:54 GMT
cache-control: public,max-age=3600
age: 2509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c6a7b0663adab46bfa3a3e9bb6e97d
f20dd7e527426e6716726e9f4e3774da194b9d96
73ed1f41ea206c50315c74b87e7095db04988ab284ee34fb0ef2d22a4c11774f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73ED1F41EA206C50315C74B87E7095DB04988AB284EE34FB0EF2D22A4C11774F"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 17:50:43 GMT
Date: Sat, 26 Nov 2022 11:50:43 GMT
Connection: keep-alive
socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=6.1
192.185.48.199 200 OK 576 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1746), with CRLF line terminators
Hash 86b11f8e900283cf328cbe543663624a
e44655dd558e79eb8f3caffff4af6576070f5711
39a4642c27bdb584b5c487ec692bdb492484e0c4e70b4008f51c57c8c6524a69
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 15 May 2022 18:45:25 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 576
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-stats-manager/css/style.css?ver=1.2
192.185.48.199 200 OK 2.3 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-stats-manager/css/style.css?ver=1.2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (344)
Hash 9208c38e64b5e781a03b9ec6e987e521
ce79e0a6d19987a82057f50e0a9c5a18994d30cd
d489446644b977b21d9b5354e300ea117db278ab172e65816e18c86e7093e91b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-stats-manager/css/style.css?ver=1.2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 04 Oct 2022 19:43:07 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 2263
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5093
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:50:43 GMT
Last-Modified: Sat, 26 Nov 2022 10:25:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/css/all.min.css
192.185.48.199 200 OK 12 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/css/all.min.css
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56656)
Hash 8c3d5cc5f854d153d48dbb407563a291
43c77ae71c15034c8e1197b2e0abd3eb224ff5e7
94486f4aebf14adb5a37cd182dd19dcd3757dc3a139e22870a11c09b42aa72fe
GET /wp-content/themes/gridmag/assets/css/all.min.css HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 12310
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.48.199 200 OK 4.6 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 08:34:45 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 4618
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_adminbarstyle.css?ver=6.1
192.185.48.199 200 OK 92 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_adminbarstyle.css?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 5cb0f5038b643528a681b20178921ce0
b40b77eb4eb72e3b00fee493d406f984480d0199
1f16fd9fb42392922c2af8bec71a6b302d32d179b0bfdc20eab8f71e073cb1ec
GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_adminbarstyle.css?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 15 May 2022 18:45:25 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 92
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/jquery.fitvids.min.js
192.185.48.199 200 OK 805 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/jquery.fitvids.min.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (1781), with no line terminators
Hash 952f8d518d2444751faf0edbd03aeeb6
2c62aaadbab0ac5c016f787c1227317ad3319c83
76eb75169b78bf0a420da120e4276f077e7401d24888ffcbf6e598a034fee499
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/js/jquery.fitvids.min.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 805
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/css/classic-themes.min.css?ver=1
192.185.48.199 200 OK 189 B URL HTTP/2 socklove.vegasfootlove.com/wp-includes/css/classic-themes.min.css?ver=1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:32:32 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 189
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style_safe.css?ver=6.1
192.185.48.199 200 OK 459 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style_safe.css?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2988), with no line terminators
Hash a72f24570fef8f8ed3898b15d46fbd36
2d16ecedac698949d0b85bf8c2869a654e5177be
a433ff2e19a09d0e69616c1d6563764ad96c6875747a6f3a2c294c30a96cda1b
GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style_safe.css?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 15 May 2022 18:45:25 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 459
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
192.185.48.199 200 OK 1.2 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3224)
Hash 87f4bed252eb77668e3636037c916000
19ac51a9adf3a496fbfc0e6dfb54952ef8fae188
a3b5817302966ca45859092e630e4e0e847f3c20b9ef7b285233aa7ecef5c8bb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:32:32 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 1229
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/theia-sticky-sidebar.min.js
192.185.48.199 200 OK 2.0 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/theia-sticky-sidebar.min.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (5370)
Hash 022d9f0798231ffdde46d90e58bee2cd
eca312073213db08947b2ee849c65e830448c881
e964e56472275cc6d62749def21fbcddec63c12a76639db86c0f0c9578cf2235
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/js/theia-sticky-sidebar.min.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 1974
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/navigation.js
192.185.48.199 200 OK 2.4 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/navigation.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2bda3e7592decbf330a9f1fc24e1d7f2
af57710906435dee33dee7bbd56d7df414d2681f
8d30ccc0b12d6d8873510004687f0505513d3cc43833a4e1f4f3b28f2906fbe2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/js/navigation.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 2422
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style.css?ver=6.1
192.185.48.199 200 OK 308 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style.css?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1020), with no line terminators
Hash be4a2a9c7356d8cfa298d9c1d084a741
71dd4ada10252ebea0014ae385e5158487a67ab4
a7087bc6a36a69187dc0d9bf0d4253e6424ecd6c264c6d25d5790eb74ad87a24
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style.css?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 15 May 2022 18:45:25 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 308
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui.min.css?ver=6.1
192.185.48.199 200 OK 9.3 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui.min.css?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (29137), with CRLF line terminators
Hash bdfbbfcf1a94c02b9c6ff1ea56f43ba5
d59ab6a0f9f5930ab70b944c59452f16da156778
80d4dfe4c02308332c75573a7f496780459f511accfb12e5231262ba9d987403
GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui.min.css?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 15 May 2022 18:45:25 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 9262
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/skip-link-focus-fix.js
192.185.48.199 200 OK 1.6 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/skip-link-focus-fix.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3478)
Hash cc80d426be4e2ddc6536146f5bc4f1af
daaf8362b2c8fcbb777346bd89a7724ec798ff70
4c498a7138806fc12514ee446a887608d321987bcdbf27b1dd6cfd56ac559e5b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/js/skip-link-focus-fix.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:44:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 1587
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/ResizeSensor.min.js
192.185.48.199 200 OK 1.3 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/ResizeSensor.min.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3113), with no line terminators
Hash ae881567afa06f0981195587351441e3
cd0393c4271b825132532b337741430e4915b486
03cf6b9ae3766360fda4e86dd4efc91bcda0e846470331331881a27719eb4fb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/js/ResizeSensor.min.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 1299
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
192.185.48.199 200 OK 2.1 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 07:06:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 2103
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/custom.js
192.185.48.199 200 OK 2.0 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/custom.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c90e41e56277b972c068e63051fcaece
ab435bfd54c019ff21bb5da99676213cabf889cd
f98686e7116ddf81208fd03ccf5bf519b49b93ad66e40d6b5e2a6e987355eef0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/js/custom.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 1996
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.2
192.185.48.199 200 OK 3.7 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10549)
Hash afa5c7f2959c8186ab6aa4a0d5cace29
65855ea278d5523322fe551682f46fb332d195ea
6ccd4efbdb93e9caa11376c2254a8a6b91e5b9586ab3489d59bac1283254b496
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:32:32 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 3714
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
192.185.48.199 200 OK 5.3 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 06:50:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 5321
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=6.1
192.185.48.199 200 OK 14 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32048), with CRLF line terminators
Hash 285ae0fcd95ea4d307c8ec868b74ffca
107d30eaed5268f76ba2671381fb45fdb150692a
5bfc994307e947241a9b6c46982b18cfc569fe3f98bd75bda16c648aa3ebd6cf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 15 May 2022 18:45:25 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 13662
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
192.185.48.199 200 OK 14 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36548)
Hash fd78079b5bb7ba132ca4ff2b9a1d7a01
685463955947d5c2bd18ed2fa84bccb2e42eb381
0889031ef8e7431839189876b3f1ce668972c05db3fbc5b63f0d067d520f1bb8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:32:32 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 13813
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
192.185.48.199 200 OK 8.3 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:32:32 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 8344
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/html5shiv.js
192.185.48.199 200 OK 3.6 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/js/html5shiv.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash eda12c52f19c347a3d8d14c46c279722
02dcd94d371a9e82d9f6d83fae7fe09a47793a19
87a95fdd624d5a659afe1a62987ca1ea0d77fe17326492fb20e0a61c156a2437
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/js/html5shiv.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 3626
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.56.167 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fJuLElkG9bWEmTD+RvNH/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2Eyzh2plb6DNQMzv6Bcb6nxe98s=
socklove.vegasfootlove.com/wp-content/uploads/2020/02/inbound9129501274617672387-480x360.jpg
192.185.48.199 200 OK 49 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/02/inbound9129501274617672387-480x360.jpg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 2460ddcaa14d4828f7adebbb3820ef2b
4278e0f850dbce8939ecc44586131fc02d5371a6
13fc339225a051a37ee792f9735ed46ee67c5364dd865a8636b3f044bd805b94
GET /wp-content/uploads/2020/02/inbound9129501274617672387-480x360.jpg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Feb 2020 03:44:24 GMT
accept-ranges: bytes
content-length: 49245
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.48.199 200 OK 57 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 91fbd74b06e3759499bcc36f61925a68
32093293833086b1bc37d3a7e04a6fa8b04dda3c
fd8d2461a60446b0a4f778a75c7f5eb80c061fe44323370e4ff52484bbf07fba
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:32:32 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2
216.58.207.195 200 OK 28 kB URL HTTP/1.1 fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27624, version 1.0\012- data
Hash 1f72af2c5d07489f5ac244943db9d7eb
49aa6096e9b9b9d4949a79794a72cb31b744d0de
02fbcf6cd136ae3bfc98aecbbc0f0b1f348c05d96390d63a89cdc323a6dda70c
GET /s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://socklove.vegasfootlove.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 27624
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 26 Nov 2022 02:56:00 GMT
Expires: Sun, 26 Nov 2023 02:56:00 GMT
Cache-Control: public, max-age=31536000
Age: 32083
Last-Modified: Mon, 11 Jul 2022 19:06:59 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
216.58.207.195 200 OK 36 kB URL HTTP/1.1 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://socklove.vegasfootlove.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35764
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 09:18:32 GMT
Expires: Fri, 24 Nov 2023 09:18:32 GMT
Cache-Control: public, max-age=31536000
Age: 181931
Last-Modified: Mon, 18 Jul 2022 19:06:36 GMT
Content-Type: font/woff2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/images/background.png
192.185.48.199 200 OK 5.4 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/images/background.png
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit grayscale, non-interlaced\012- data
Hash 4fbe10ae7a8f7c25250019e4a1a78235
ffefb89629c29d2220f3a1d10da8cc8c7a5eb0a5
d3d758c3632f5ac1ef5b6cddf50941ca9b7997ffe48bef30229ebf8ee835cb50
GET /wp-content/themes/gridmag/assets/images/background.png HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
content-length: 5425
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/png
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/images/gridmag-grid-post-thumbnail-bg.png
192.185.48.199 200 OK 2.9 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/images/gridmag-grid-post-thumbnail-bg.png
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash fad04f60839d937fa6c1b9a6438d8c85
cad7cf71470493c988bac8a2980b05c31b9d6527
3e01a3fbd8319ba2676b357d971b5c31d7ce0829ea131ee1f5495c4c9bccda33
GET /wp-content/themes/gridmag/assets/images/gridmag-grid-post-thumbnail-bg.png HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://socklove.vegasfootlove.com/wp-content/themes/gridmag/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
content-length: 2863
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/png
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/js/wordpress_file_upload_functions.js?ver=6.1
192.185.48.199 200 OK 34 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-file-upload/js/wordpress_file_upload_functions.js?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f2c2c9858bd9bb09093450b5d5e27410
456eb100cc426be592953c0f48afbfb98536b840
9d057103d1ac569c9fc0b4842b86d290acccbd3bd04afa62db036b37f5ef8fb5
GET /wp-content/plugins/wp-file-upload/js/wordpress_file_upload_functions.js?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 15 May 2022 18:45:25 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2021/01/inbound8016366238880635323-480x360.jpg
192.185.48.199 200 OK 30 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2021/01/inbound8016366238880635323-480x360.jpg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 9b9585c4e5bf1ff1079985d5269bf446
d87500d10a36c7f7f235a614dffaeedd140cd4df
a86f32226728dcc7a484acff35128b771ac436f62085c2ed5dd32369528ddb96
GET /wp-content/uploads/2021/01/inbound8016366238880635323-480x360.jpg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 10 Jan 2021 10:36:33 GMT
accept-ranges: bytes
content-length: 29721
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/11/90E5D7CE-480F-4A80-828B-96A23B7D8806-480x360.jpeg
192.185.48.199 200 OK 21 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/11/90E5D7CE-480F-4A80-828B-96A23B7D8806-480x360.jpeg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 6d4712fac0c155e0020a1619b14570e0
1d0796048845ec5345c4a35341e9b39525fb4798
b10464b567a0421658f360750d53507ffe10261d294be0f2d2aa1cb8a03acbbc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/11/90E5D7CE-480F-4A80-828B-96A23B7D8806-480x360.jpeg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Nov 2020 16:45:37 GMT
accept-ranges: bytes
content-length: 21295
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/11/3DFC6CA1-80AE-4CCB-85D3-4430446E6A3F-480x360.jpeg
192.185.48.199 200 OK 20 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/11/3DFC6CA1-80AE-4CCB-85D3-4430446E6A3F-480x360.jpeg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 29e1901252de3c8e1990dde8a3ce1f0a
ec2ba948ea434fc81238d1b12fb55440290dd790
2471b7315ce5fe0be6bb41d8d9a4c6fa72973be893071a0c6f4e36a49446c5e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/11/3DFC6CA1-80AE-4CCB-85D3-4430446E6A3F-480x360.jpeg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Nov 2020 17:11:48 GMT
accept-ranges: bytes
content-length: 20546
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/11/image-5-480x360.jpg
192.185.48.199 200 OK 23 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/11/image-5-480x360.jpg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash bc588499b25e627656fb175292282904
4bf996b54ac29a3eb401419d7c9b950a9e110c33
6a5e22614a48a97ee416868e189edb7bc5b70f1c2c04f5d8b0d2d6825fb4765f
GET /wp-content/uploads/2020/11/image-5-480x360.jpg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Nov 2020 16:20:43 GMT
accept-ranges: bytes
content-length: 22680
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/11/image-1-480x360.jpg
192.185.48.199 200 OK 19 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/11/image-1-480x360.jpg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash 164cf471152da96c152c4d27ad1e0228
c73a8464add05b8b02e42922ffe6a7b1c65e68fb
2279cab42c4a23ea2407c1ef4ef96a97d8b8c797cd995f7fb818e657f6afb7d7
GET /wp-content/uploads/2020/11/image-1-480x360.jpg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Nov 2020 15:11:43 GMT
accept-ranges: bytes
content-length: 19141
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/11/4643002A-9892-4C97-BA36-93945F6354FF-480x360.jpeg
192.185.48.199 200 OK 32 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/11/4643002A-9892-4C97-BA36-93945F6354FF-480x360.jpeg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash dee0f50f2e4932988f2e4d058aa8d4f1
a6277816ed257423d054f27012f2332c2fbd1c2e
dcb47a7e4a36d7574722d56b790626773ea26986c0803484bfac8e96e8f84c79
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/11/4643002A-9892-4C97-BA36-93945F6354FF-480x360.jpeg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Nov 2020 21:27:16 GMT
accept-ranges: bytes
content-length: 32042
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/08/8500C06C-2646-420A-8DBC-42A3228F6121-480x360.jpeg
192.185.48.199 200 OK 20 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/08/8500C06C-2646-420A-8DBC-42A3228F6121-480x360.jpeg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3\012- data
Hash db2859cc92b65cd03ff354a27802a138
913e75de4de75c454cf4b0ec5424d5e2552eb9ee
3c501c63d3c9355803fcc8f5b12641ae82856c47ba460607208fc024e8bb740c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/8500C06C-2646-420A-8DBC-42A3228F6121-480x360.jpeg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 15:34:55 GMT
accept-ranges: bytes
content-length: 20457
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/08/inbound2188803368039384829-480x360.jpg
192.185.48.199 200 OK 21 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/08/inbound2188803368039384829-480x360.jpg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3
Hash fc87b6a569d44edbc727e679e7e6de29
d0d9813f3c58e6685084ddeb6f0873d6e1b2e807
5f48b0afbda5dd9bcf86157d342272e5838c92743247cceb5b40bc75bd3169c2
GET /wp-content/uploads/2020/08/inbound2188803368039384829-480x360.jpg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 22:02:28 GMT
accept-ranges: bytes
content-length: 21285
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/08/A68C7395-665C-4F20-9441-61F5FD8635D3-480x360.jpeg
192.185.48.199 200 OK 29 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/08/A68C7395-665C-4F20-9441-61F5FD8635D3-480x360.jpeg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3
Hash 16d5c3f7c96e9551103f3a3f9756b315
57a38de0575156c82e250f42865435f0f1a6331f
5fbe63d7b384b50584ea17c849096e5f8c8cc329df9a2fdcb77e3e9e4ab4c5f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/A68C7395-665C-4F20-9441-61F5FD8635D3-480x360.jpeg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 Aug 2020 23:28:14 GMT
accept-ranges: bytes
content-length: 28894
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/uploads/2020/08/107846577_100765368394800_4850598561608865103_o-480x360.jpg
192.185.48.199 200 OK 46 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/uploads/2020/08/107846577_100765368394800_4850598561608865103_o-480x360.jpg
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x360, components 3
Hash b54ec432ec92b6b550fd24035fb70d58
60ef95c9a8cfc7cda578a3aabb9bf20ed0db833d
d8b91e1400b420a5fa661dbd38246efb0e67a162fbc40c85cb84b9f7b5cd8204
GET /wp-content/uploads/2020/08/107846577_100765368394800_4850598561608865103_o-480x360.jpg HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 Aug 2020 00:29:54 GMT
accept-ranges: bytes
content-length: 46464
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:50:43 GMT
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-regular-400.woff
192.185.48.199 200 OK 17 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-regular-400.woff
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 16804, version 330.32571
Hash 14f22fbed8146dbf3b497bb32d8491b0
59439d3ad31d856d78ec3e2bd9f1eafa2c7a581c
ff48439c9d1d26f9a9c1645a083d1b5fa9753c9e7fdc519818ee9316c699cc35
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/webfonts/fa-regular-400.woff HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://socklove.vegasfootlove.com
Connection: keep-alive
Referer: https://socklove.vegasfootlove.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
content-length: 16804
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
x-endurance-cache-level: 0
content-type: font/woff
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-solid-900.woff2
192.185.48.199 200 OK 140 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-solid-900.woff2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 75620, version 330.32571
Size 140 kB (139696 bytes)
Hash a5119eba757ec0f86b96563da5677462
d54a0d759bf0c48a530b48408f380def38301778
326b5591b985a05c4e3d9c0e9440b52357507018a4c04b1965c84b2a1ce165ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://socklove.vegasfootlove.com
Connection: keep-alive
Referer: https://socklove.vegasfootlove.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
content-length: 75620
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
x-endurance-cache-level: 0
content-type: font/woff2
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-regular-400.ttf
192.185.48.199 200 OK 34 kB URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-regular-400.ttf
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 13 tables, 1st "FFTM", 28 names, Macintosh
Hash 9230982faf6ed4d1dab07babfb813777
0f4bd02942a54a6b3200d9078adff88c2812e751
9acf244ad788a3b85024428193027b70763720cfc65a2d8f07b054dbe51cc84b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/webfonts/fa-regular-400.ttf HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://socklove.vegasfootlove.com
Connection: keep-alive
Referer: https://socklove.vegasfootlove.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
content-length: 34096
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:44 GMT
x-endurance-cache-level: 0
content-type: font/ttf
date: Sat, 26 Nov 2022 11:50:44 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/favicon.ico
192.185.48.199 200 OK 79 kB URL HTTP/1.1 socklove.vegasfootlove.com/favicon.ico
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65230), with CRLF line terminators
Hash 77bf807cdbedcaeab3137cc65338908b
527edcb6cfde0edee39b8755a149ca112ce649be
aadb972a1ca0a5bbeba30dc418e213a57dec57dd327dc3460f1eee66730d09a6
GET /favicon.ico HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Cookie: _wsm_id_1_40dc=f4ef03060ffa4994.1669463443.1.1669463443.1669463443; _wsm_ses_1_40dc=*
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 11:50:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=300
Expires: Sat, 26 Nov 2022 11:55:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4449
Expires: Sat, 26 Nov 2022 13:04:53 GMT
Date: Sat, 26 Nov 2022 11:50:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4449
Expires: Sat, 26 Nov 2022 13:04:53 GMT
Date: Sat, 26 Nov 2022 11:50:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 50678
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash d0f860248042a8499ffb1701a880b2ba
845842c789e6e97fd1687e668d446bbb8309ffc7
9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TpEr70sCNigNhVg7rDFIUG12AVpzC0BUW6-xW3QTvjLcBUrpehjJbQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 50678
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 28506
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 50524
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/js/masonry.min.js?ver=4.2.2
192.185.48.199 200 OK 9.8 kB URL HTTP/2 socklove.vegasfootlove.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 95101ded0fe92a85649a086992948008
afed98649590f2524a9e530c53eebbc1ba36da6a
7f754cb2105494045efe657c47313e77bb26361ca45a6f8cbce1fdb52a15ba01
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 07:06:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-length: 9216
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/?wmcAction=wmcTrack&action_name=Sock%20Love%20Market%20Place%20%E2%80%93%20Well%20Worn%20Womens%20Socks%20For%20Sale&siteId=1&rec=1&rand=073398&h=11&m=50&s=43&url=http%3A%2F%2Fsocklove.vegasfootlove.com%2F&uid=0&pid=0&visitorId=f4ef03060ffa4994&fvts=1669463443&vc=1&idn=0&refts=0&lvts=1669463443&fullRef=socklove.vegasfootlove.com%2F&send_image=1&cookie=1&res=1280x1024>ms=260&pvId=FSug7C&browser=Firefox_105&os=Windows_10&device=Desktop
192.185.48.199 200 OK 83 kB URL HTTP/2 socklove.vegasfootlove.com/?wmcAction=wmcTrack&action_name=Sock%20Love%20Market%20Place%20%E2%80%93%20Well%20Worn%20Womens%20Socks%20For%20Sale&siteId=1&rec=1&rand=073398&h=11&m=50&s=43&url=http%3A%2F%2Fsocklove.vegasfootlove.com%2F&uid=0&pid=0&visitorId=f4ef03060ffa4994&fvts=1669463443&vc=1&idn=0&refts=0&lvts=1669463443&fullRef=socklove.vegasfootlove.com%2F&send_image=1&cookie=1&res=1280x1024>ms=260&pvId=FSug7C&browser=Firefox_105&os=Windows_10&device=Desktop
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3bce1c9ba5aef9400fcc06108315abd3
b81086eae7f4d78ebc1f684d8469033bb3655ecf
0afdadb9d063fb59f65b64ba45e8463436a86c03cdebb7dc8c333f8cf5baf0d1
GET /?wmcAction=wmcTrack&action_name=Sock%20Love%20Market%20Place%20%E2%80%93%20Well%20Worn%20Womens%20Socks%20For%20Sale&siteId=1&rec=1&rand=073398&h=11&m=50&s=43&url=http%3A%2F%2Fsocklove.vegasfootlove.com%2F&uid=0&pid=0&visitorId=f4ef03060ffa4994&fvts=1669463443&vc=1&idn=0&refts=0&lvts=1669463443&fullRef=socklove.vegasfootlove.com%2F&send_image=1&cookie=1&res=1280x1024>ms=260&pvId=FSug7C&browser=Firefox_105&os=Windows_10&device=Desktop HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300
expires: Sat, 26 Nov 2022 11:55:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89527e097435c7a069d744dbdd2b7549
8e30d0c18d1888bf7fcaa02b421b3d6876fc43b6
83a0f18ebac9e4bda39239e4e94e789150415700df65809e9f960a9cf8a2a070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83A0F18EBAC9E4BDA39239E4E94E789150415700DF65809E9F960A9CF8A2A070"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9897
Expires: Sat, 26 Nov 2022 14:35:41 GMT
Date: Sat, 26 Nov 2022 11:50:44 GMT
Connection: keep-alive
aws-wwcloud.net/async/?id=3422stfn3ykkra98z8f2deh1e3ais12t
146.0.77.131 200 OK 177 B URL HTTP/1.1 aws-wwcloud.net/async/?id=3422stfn3ykkra98z8f2deh1e3ais12t
IP 146.0.77.131:0
File type PNG image data, 1 x 1, 4-bit colormap, non-interlaced
Hash a9428714a3fc96dda46bf3dcb266266a
ccdf71be456f9f753967364b9b0ef38c1159d5ed
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2
Analyzer Verdict Alert fortinet Phishing
GET /async/?id=3422stfn3ykkra98z8f2deh1e3ais12t HTTP/1.1
Host: aws-wwcloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://socklove.vegasfootlove.com
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.1
Date: Sat, 26 Nov 2022 11:50:45 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=e5b8djhfkbuj7utvrqhn2udk40; path=/
_subid=3fk8c9q8fkc7o; expires=Sun, 27-Nov-2022 11:50:45 GMT; path=/; domain=.aws-wwcloud.net
fcada=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM3MVwiOjE2Njk0NjM0NDV9LFwiY2FtcGFpZ25zXCI6e1wiMjJcIjoxNjY5NDYzNDQ1fSxcInRpbWVcIjoxNjY5NDYzNDQ1fSJ9.lsENhogfS33Pv_IOAMibPi0-ZMxQpxrD3-bkvkNIyuI; expires=Sun, 27-Nov-2022 11:50:45 GMT; path=/; domain=.aws-wwcloud.net
Strict-Transport-Security: max-age=31536000;
socklove.vegasfootlove.com/wp-content/themes/gridmag/style.css
192.185.48.199 200 OK 0 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/style.css
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/gridmag/style.css HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js
192.185.48.199 200 OK 0 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/plugins/wp-stats-manager/js/wsm_new.js
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-stats-manager/js/wsm_new.js HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 04 Oct 2022 19:43:07 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-solid-900.ttf
192.185.48.199 200 OK 0 B URL HTTP/2 socklove.vegasfootlove.com/wp-content/themes/gridmag/assets/webfonts/fa-solid-900.ttf
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/gridmag/assets/webfonts/fa-solid-900.ttf HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://socklove.vegasfootlove.com
Connection: keep-alive
Referer: https://socklove.vegasfootlove.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Jul 2021 07:35:28 GMT
accept-ranges: bytes
content-length: 192472
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:50:44 GMT
x-endurance-cache-level: 0
content-type: font/ttf
date: Sat, 26 Nov 2022 11:50:44 GMT
server: Apache
X-Firefox-Spdy: h2
socklove.vegasfootlove.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
192.185.48.199 200 OK 0 B URL HTTP/2 socklove.vegasfootlove.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 192.185.48.199:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: socklove.vegasfootlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://socklove.vegasfootlove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 20:13:53 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:50:43 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
content-type: text/css
date: Sat, 26 Nov 2022 11:50:43 GMT
server: Apache
X-Firefox-Spdy: h2