firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 23:52:32 GMT
Expires: Sat, 22 Oct 2022 00:50:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KimOEIG5-1qbhh6R_ubGFGbf7K5BCPBTeDVS-fKUWPWrwZ8-8itW4g==
Age: 1090
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Sat, 22 Oct 2022 00:46:50 GMT
Date: Sat, 22 Oct 2022 00:10:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4169
Expires: Sat, 22 Oct 2022 01:20:11 GMT
Date: Sat, 22 Oct 2022 00:10:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LNwoGwYU1b6EX2WYmUuQ/bepPY8/Dux9V/IfmNz1Ce5ZFV7qkRMVGNBLPnW6hFV/+keO7a6Q4eg=
x-amz-request-id: TX24EHQFBYWMHS8V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 23:37:21 GMT
age: 2001
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 00:10:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 23:43:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 23:54:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sw3EHg5zO0yHfR8SO6vBqVcaH9w_DRyNGxPKEXxkLDrabDZHi1hXjg==
Age: 1623
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4172
Cache-Control: max-age=119136
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:43 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 09:16:19 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
greentario.com/
216.145.105.7301 Moved Permanently 0 B IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 22 Oct 2022 00:10:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://www.greentario.com/
X-Powered-By: PHP/7.4.32, PleskLin
push.services.mozilla.com/
35.155.157.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.157.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vCA3iA6i1XBFu8qBjR/lDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IapBW4ySSNoo8fOwfnnA08roH84=
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 899bb390345fcd60cb707263011f8d08
e9765839c72e2cae6a1d744f994f18e96b897f6b
befce56d98b2af1738edf7e69dec301ed7554a25e1797747137cc85e4a7623af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168625
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:43 GMT
Etag: "635324b4-2d7"
Expires: Sun, 23 Oct 2022 23:01:08 GMT
Last-Modified: Fri, 21 Oct 2022 23:01:08 GMT
Server: nginx
Content-Length: 727
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15812
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Sat, 22 Oct 2022 00:10:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15812
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Sat, 22 Oct 2022 00:10:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15812
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Sat, 22 Oct 2022 00:10:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15812
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Sat, 22 Oct 2022 00:10:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cdaacab30d73a7d05180cc16f4a96a3f
6cc0e39e0decbc20c765f171f63affd85fc9e6da
f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 7142
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ef386b42bd6b9efb747cfeb3d64fb7a
db63f62383d513348c1ef231ea4fb58d7e1e044e
988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Npq_KhYynsGPhwdVvIa_JeWi13m74Qgm7vw5GyWDydH7tzON7p0MYA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 7812
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 7812
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc263c0f18e27e8b7f6b841c1e400069
06e91c12abd2c7182991312a4ca0a71c8c0b898d
98b8a8d1c1b279424ac967d0f6e333b5ba981450c3a5823695c5f4490f6d7330
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9534
x-amzn-requestid: ad6b6fb0-d36e-4aa4-abba-a931a040b0f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-czHZgoAMFX2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353111e-40f2629721fa12570aa1eb86;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:37:34 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CT7cukYC2rFTB2Je5RYw1qQBAzBSeb2sZMCdBNNCsZ346Lb89-Q_6Q==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:15 GMT
age: 6989
etag: "06e91c12abd2c7182991312a4ca0a71c8c0b898d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 6639
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LMoH9qNuDmuriAWS_UIw4XHAUcnNhvxI48pB39I68aypUxeorSft0A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
age: 7812
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.greentario.com/
216.145.105.7200 OK 24 kB IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (25177)
Hash 72fd25c86d36f15aeb322e78770e31b2
8553935bfa1e3d738ab1897b18b0726fd6568056
2f2a6cf194f5142d8c6ba9b6dba3a98da8e521e9504a49acb919631b60388cde
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.greentario.com/wp-json/>; rel="https://api.w.org/", <https://www.greentario.com/wp-json/wp/v2/pages/42>; rel="alternate"; type="application/json", <https://www.greentario.com/>; rel=shortlink
X-Powered-By: PHP/7.4.32, PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9f4b1d3c4fdfbd28fa4afc92115bd9f9
365125fe68f668bae6f3c13ef21d92bb00783ebe
92ea3ab34acb6f2464ef06496365dd1a54767519d3429346849898739bf05bb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.greentario.com/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5
216.145.105.7200 OK 1.5 kB URL HTTP/1.1 www.greentario.com/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (7327), with no line terminators
Hash 078d79ea06062f317e282fa38fcf4abc
8bba826def7fe1e92452a59ef7361f54792a6dd6
d985231f6022b018600dd2405698d2bfeb4b4b574943a153f28717af2d9325c7
GET /wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Mar 2022 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6230ed14-1c9f"
X-Powered-By: PleskLin
Content-Encoding: br
www.google.com/recaptcha/api.js?render=6LeCdtQZAAAAAIP5PbeZJYWdoYirrGbOo4jIxXHb&ver=4.10.8
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeCdtQZAAAAAIP5PbeZJYWdoYirrGbOo4jIxXHb&ver=4.10.8
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash fd89761a4d6dccf58ac2a2ea1979d7da
1ae6a9181c861c66cd1ff5cc0b3afd1c90db16b5
b57595662617089879326fd9eb65b22a9b256f29b32d4e8d5b59e82dbd9d7d4e
GET /recaptcha/api.js?render=6LeCdtQZAAAAAIP5PbeZJYWdoYirrGbOo4jIxXHb&ver=4.10.8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 22 Oct 2022 00:10:45 GMT
date: Sat, 22 Oct 2022 00:10:45 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.greentario.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
216.145.105.7200 OK 30 kB URL HTTP/1.1 www.greentario.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (65447)
Hash c283771b68cf6ecfec9cce4f72b6fc03
951bf3241babd8058d2a5bebc151d5ed4af7cb2e
4fe86edfc77df7939593c25af0918243acde2c7deb879c0db2a2d66ee1a90c94
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 23:16:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61394469-15db1"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/et-cache/42/et-divi-dynamic-42-late.css?ver=1665082223
216.145.105.7200 OK 189 B URL HTTP/1.1 www.greentario.com/wp-content/et-cache/42/et-divi-dynamic-42-late.css?ver=1665082223
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (668), with no line terminators
Hash ea4de5d795719cf246ce080506459d14
619574f36cddc40bd70b0fef8d714c3d50a32121
36e3aca1efb3b71a7808a52c46b040fd0da1944fbe9da08c24ad14d3b66eab22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/42/et-divi-dynamic-42-late.css?ver=1665082223 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Thu, 06 Oct 2022 18:50:24 GMT
ETag: W/"29c-5ea622a82435c"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/et-cache/42/et-divi-dynamic-42.css?ver=1665082223
216.145.105.7200 OK 9.6 kB URL HTTP/1.1 www.greentario.com/wp-content/et-cache/42/et-divi-dynamic-42.css?ver=1665082223
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (38636)
Hash 86362437372fce67ec40239b1453d9e6
bbaa600fac392d20129db92f8368f177f5d8a8c4
82225a1ca0b4f07f3e2b4e7f5eb73c39be60acff20fe911b7a9439c5f53e18a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/42/et-divi-dynamic-42.css?ver=1665082223 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: text/css
Last-Modified: Thu, 06 Oct 2022 18:50:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"633f236f-18873"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5
216.145.105.7200 OK 3.5 kB URL HTTP/1.1 www.greentario.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (10001)
Hash fd5856a412395819d0e80d408cb4d395
e70d1e6e409b11daf1c1e0e98efcebdca45b55e3
7d28a54c3a6333d9e62a981e6c5dad04678f4d5827e14d948eec1863e4e2c733
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Mar 2022 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6230ed14-2712"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1665082223
216.145.105.7200 OK 1.4 kB URL HTTP/1.1 www.greentario.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1665082223
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (6024), with no line terminators
Hash b36a95a2c4db38d253e474162ec22d55
76c8bf108cd39534b1d27654d961d71a0b8f8b96
0ec5f8b150c6c0c6a94c545923d0bfa40fdea1a3676f3ce029f437e8173d2a0e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1665082223 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: text/css
Last-Modified: Thu, 06 Oct 2022 18:50:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"633f236f-1788"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
216.145.105.7200 OK 4.0 kB URL HTTP/1.1 www.greentario.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (11126)
Hash add44040f586702dc1c451ab92296499
d9c7ba287ba026b837e2452763be965ab0020534
33e3f641cfc7cc64ac828fb2109d67649610740d78e4f4380d6bf551327e354b
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 23:16:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61394469-2bd8"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5
216.145.105.7200 OK 20 kB URL HTTP/1.1 www.greentario.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type Unicode text, UTF-8 text, with very long lines (65451), with no line terminators
Hash 76c163fca1d47958ace7b783f5e8045d
dd73c67e99178efceae867b4c2299cccee2ea6c3
bd5d52696102e677fa5c53e6d7754bc53d29fe2847461ef54fc793e4cf838028
GET /wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Mar 2022 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6230ed14-10394"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.10.8
216.145.105.7200 OK 2.6 kB URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.10.8
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (6498)
Hash a4f12fe5fdfad3860d1e743f3cba8a6f
412a55a7b988348efab1c3054837a16ad84dda1c
3e88e2b1f137e57c6a4df66136edabc145eb9b9c10fc1177dfcd7eaad1840c58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.10.8 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 23 Sep 2021 19:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"614cd95e-1aa1"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.greentario.com/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.10.8
216.145.105.7200 OK 656 B URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.10.8
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash 2970c9966909dc619516f2dc6bb95274
420c812140ce76046e29e10edae2968ed48369e8
208c1e06a9e5e519d84da92c1a7ae81fac7492d78b231cafdffef3638dd69911
GET /wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.10.8 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 23 Sep 2021 19:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"614cd95e-6a0"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/hashchange.js?ver=4.10.8
216.145.105.7200 OK 5.0 kB URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/hashchange.js?ver=4.10.8
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash a7849ad103bf381afdd02270f1598d08
c77aa2e2889b49e87072a70de9d99e0ec2279a43
ca79ce92511f0e72c5f9fcff8f71e89b7346fc4e7df21f5a8fecfba151bd8f4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/hashchange.js?ver=4.10.8 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 23 Sep 2021 19:45:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"614cd95f-3f97"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.greentario.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.10.8
216.145.105.7200 OK 8.2 kB URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.10.8
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (21184)
Hash fcb7ff4a1d3520d06e9343879cae3e13
0e93118c7824cf79a4a9fc84deb910e0a54c7eeb
b9a6986b6218ead8dadbddf44ce8114c67dec97e8f5edec6f59b1e38d4b2d648
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.10.8 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 23 Sep 2021 19:45:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"614cd95f-5902"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
216.58.207.195200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 40236, version 1.0\012- data
Hash 5c283c768487bbacab2a3e33e3e39e3c
e4233b9d0137355f9522d7c5bf99d9c688617c6b
356e58889a7cf422acc2c715a26996890c929b9b3b8a0e124a9cf4a795734732
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greentario.com
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 06:37:36 GMT
expires: Fri, 20 Oct 2023 06:37:36 GMT
cache-control: public, max-age=31536000
age: 149590
last-modified: Mon, 11 Jul 2022 19:01:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2
216.58.207.195200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 39956, version 1.0\012- data
Hash afc099b271ff9df5bdda33beea60a772
9c56903effc03eb5b91b7552961a168a6d3db5f8
e58b260ced203e2ffce7aa502b51ebadb6ffee21b6d5cf72fc4c43b0e835d1bf
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greentario.com
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 17:01:45 GMT
expires: Fri, 20 Oct 2023 17:01:45 GMT
cache-control: public, max-age=31536000
age: 112141
last-modified: Mon, 11 Jul 2022 18:56:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.greentario.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.10.8
216.145.105.7200 OK 3.2 kB URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.10.8
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (6260)
Hash c5a7dc8f3bc7fe55905f5b2094c0d640
9846d7560daa119abbc5bcd1ada2bd61f83e81a4
ec15945659f0d55c566f10e64ba0176afe5c1fbd1a89662e3a01c68b6bf8341c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.10.8 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 23 Sep 2021 19:45:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"614cd95f-213d"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew7.woff2
216.58.207.195200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew7.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 40076, version 1.0\012- data
Hash 92d6477a2a7ef808586f3164e364ac86
566d14c121263de2ad3d6d32c738d178e3a85522
60a9cb6c3588b3674d7019bdd3ff5ce664f1ccc64c0abf722eb383976ff808d1
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greentario.com
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:47:51 GMT
expires: Fri, 20 Oct 2023 16:47:51 GMT
cache-control: public, max-age=31536000
age: 112975
last-modified: Mon, 11 Jul 2022 18:56:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2
216.58.207.195200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 39864, version 1.0\012- data
Hash d82dd34007d719fb5af66fde9d92386b
f372dd8b6dfa08240d7ef8a9bb92233902a2e1ad
e0ab422e5b625fc05f96887b13d684026fce01130b3e4c01a928259f973b8b14
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greentario.com
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:40:20 GMT
expires: Fri, 20 Oct 2023 16:40:20 GMT
cache-control: public, max-age=31536000
age: 113426
last-modified: Mon, 11 Jul 2022 18:56:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6aXo.woff2
216.58.207.195200 OK 41 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6aXo.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 41204, version 1.0\012- data
Hash ee0eed933eba3e215522a7caaa6a7921
5a84e92295403c680cbc23e8bafd2fc1e2472322
59f2f6555d600667244e37ed09df1d904e18254d42201740bf9e6c42601d170d
GET /s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greentario.com
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41204
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 02:29:31 GMT
expires: Tue, 17 Oct 2023 02:29:31 GMT
cache-control: public, max-age=31536000
age: 423675
last-modified: Mon, 11 Jul 2022 19:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew9.woff
216.58.207.195200 OK 51 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew9.woff
IP 216.58.207.195:0
File type Web Open Font Format, TrueType, length 50800, version 1.1\012- data
Hash 37100cf1fb86ad041b36c3f5f9446694
95be99c9ebcc1d45f63010d27a420dc6aa197718
6c5dce7b43c9844596cdcdafa40e29db17dc9d1a0ac521717241d65953479f5b
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew9.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greentario.com
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 06:34:56 GMT
expires: Fri, 20 Oct 2023 06:34:56 GMT
cache-control: public, max-age=31536000
age: 149750
last-modified: Mon, 11 Jul 2022 18:56:36 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.greentario.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.10.8
216.145.105.7200 OK 491 B URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.10.8
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash cfbc3f0e15de3e605b658c4cd29cf94e
16bd87afe7141c37d9f1e27cf59c954d484b9d55
3f46bf7f5d171aa75cb2d3355d418cb81a5ca2721366ef9be4c8a5e67c55af4c
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.10.8 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 23 Sep 2021 19:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"614cd95e-53f"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
216.145.105.7200 OK 664 B URL HTTP/1.1 www.greentario.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (1391)
Hash c95cccff7c05f26d3070693d6a5ce96f
8ebbafb501600e5d0892dd9b636cf3cdeb55e1cb
8d190ca949bb37fd425cf50db8e1793187d2450b5ecafbdf232cc405f7b9b272
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:32:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390fdf-592"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/uploads/2017/03/greentario_logo.png
216.145.105.7200 OK 12 kB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/greentario_logo.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 600 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f160f333759c18545f4e18ce98e1ed7
bef53ff864dfcd1be7510b2bf799b9ee590b8aa0
6398b88cbd445625c80d99550dd11314b846814b8f8eb2550dd07e0f9de26ef9
GET /wp-content/uploads/2017/03/greentario_logo.png HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: image/png
Content-Length: 11723
Last-Modified: Wed, 08 Sep 2021 19:32:21 GMT
Connection: keep-alive
ETag: "61390fc5-2dcb"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.greentario.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
216.145.105.7200 OK 9.8 kB URL HTTP/1.1 www.greentario.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash e7d69f514749efe21ac144099512ae87
1cf8257f2f14a7166e6a03c5994d05985bb56300
bcaab899d42d4ff16274c59aec1388e1b0d0af4f638fca233f48cd448faa2fe8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: text/css
Last-Modified: Wed, 08 Sep 2021 23:16:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61394469-13abe"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.10.8
216.145.105.7200 OK 53 kB URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.10.8
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (65467)
Hash 686cfb17572e97de51a2a2620d0b07cf
2a546d6a59a57af9b9226551b8e5d33ffa6a1f1f
6892c80bb7630e1ef64d5f2922127c8084c369a0bcd66d08d78a4efcb1f9f7ad
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.10.8 HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 23 Sep 2021 19:45:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"614cd960-3e24b"
X-Powered-By: PleskLin
Content-Encoding: br
www.greentario.com/wp-content/uploads/2017/03/greentario_truck_fpo-1.png
216.145.105.7200 OK 408 kB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/greentario_truck_fpo-1.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 1012 x 425, 8-bit/color RGBA, non-interlaced\012- data
Size 408 kB (407816 bytes)
Hash edaa4a3ea9125df9226302ece5e8c90b
1db5bf4d2afcc8866678431a494978006f1e14a0
035d0575fa9477c61dc9e83798073870b7adf97bf642c99c4afa29685ba1814e
GET /wp-content/uploads/2017/03/greentario_truck_fpo-1.png HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: image/png
Content-Length: 407816
Last-Modified: Wed, 08 Sep 2021 19:32:21 GMT
Connection: keep-alive
ETag: "61390fc5-63908"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.greentario.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
216.145.105.7206 Partial Content 60 kB URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash ed41090c2680f4996923a9e533341e4f
d35d8fd8d5b7c4592c09d5fc615083dbe202b617
5c8c4b965270409afe7da7b7e98df198d66bbc50a4ea60202e66c66ff6dd28d9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/wp-content/et-cache/42/et-divi-dynamic-42-late.css?ver=1665082223
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Range: bytes=32497-
If-Range: "614cd95e-168f0"
HTTP/1.1 206 Partial Content
Server: nginx
Date: Sat, 22 Oct 2022 00:10:46 GMT
Content-Type: application/font-sfnt
Content-Length: 59903
Last-Modified: Thu, 23 Sep 2021 19:45:34 GMT
Connection: keep-alive
ETag: "614cd95e-168f0"
X-Powered-By: PleskLin
Content-Range: bytes 32497-92399/92400
www.greentario.com/wp-content/uploads/2017/03/backyard_swimming_pool-1.jpg
216.145.105.7200 OK 2.0 MB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/backyard_swimming_pool-1.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1011, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920 DIY-Thermocam raw data\012- (Lepton 2.x), scale 26740-27759, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 75015107978938666485790277632.000000, slope 4230244640787989004288.000000], baseline, precision 8, 1920x1011, components 3\012- data
Size 2.0 MB (2000368 bytes)
Hash 633f4b92457fa1db31a03e5c89184d17
6e0b6aa9526655077e215cb9c7f55163a9358bc1
04f5eaef3548c851d9b41ccec89f5aab49d6e4f8b8279f92ce40059f117fb2b3
GET /wp-content/uploads/2017/03/backyard_swimming_pool-1.jpg HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: image/jpeg
Content-Length: 2000368
Last-Modified: Wed, 08 Sep 2021 19:32:22 GMT
Connection: keep-alive
ETag: "61390fc6-1e85f0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.greentario.com/wp-content/uploads/2017/03/swimming_pool_background.jpg
216.145.105.7200 OK 1.8 MB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/swimming_pool_background.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=golero], baseline, precision 8, 1920x1282, components 3\012- data
Size 1.8 MB (1823289 bytes)
Hash a61a9aa4c78fece1ac98163734499cb3
521a052857d14e10ea05ee7b9fafec338e35fec3
5089f0c2ac3b076775f1573caf13f746210d95377c128a8131d71e4dd4691d3b
GET /wp-content/uploads/2017/03/swimming_pool_background.jpg HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: image/jpeg
Content-Length: 1823289
Last-Modified: Wed, 08 Sep 2021 19:32:19 GMT
Connection: keep-alive
ETag: "61390fc3-1bd239"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.greentario.com/wp-content/uploads/2017/03/stone_walkway.jpg
216.145.105.7200 OK 1.2 MB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/stone_walkway.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x800, components 3\012- data
Size 1.2 MB (1183310 bytes)
Hash 3ecfde690c21fadc24bb8ee6c2b9818c
545f49e07641b06fdcadc221343629310abaa87e
3a4934dd58f024e6dd996e0aad1e0a1097f7e1ac4c17aed00121d7f885be0931
GET /wp-content/uploads/2017/03/stone_walkway.jpg HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: image/jpeg
Content-Length: 1183310
Last-Modified: Wed, 08 Sep 2021 19:32:17 GMT
Connection: keep-alive
ETag: "61390fc1-120e4e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
142.250.74.163200 OK 160 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (608)
Size 160 kB (159789 bytes)
Hash 1230a090d5cedcb9e764406ab9497c1b
3d175bcf4ad9957c3e32611713c01347299b173e
585cafe3d6a3b932804aaa5aeb19a650688a2c15767f513d0d60c1941475c428
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.greentario.com
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 20:02:13 GMT
expires: Sat, 21 Oct 2023 20:02:13 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 14914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 21 Oct 2022 22:41:09 GMT
expires: Sat, 22 Oct 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 5378
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.greentario.com/wp-content/uploads/2017/03/greentario_favicon.png
216.145.105.7200 OK 16 kB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/greentario_favicon.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash f23b2742c1a3574b438d169321e4e216
9946ce8ec77adeb83bea6ed9bc55cb3ae16ae275
bbf4ccb3dfbc4e3d01a742034770fd7029016a50dfafbf3c6db860cba0cac5c1
GET /wp-content/uploads/2017/03/greentario_favicon.png HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:46 GMT
Content-Type: image/png
Content-Length: 15469
Last-Modified: Wed, 08 Sep 2021 19:32:22 GMT
Connection: keep-alive
ETag: "61390fc6-3c6d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 00:10:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.greentario.com/wp-content/uploads/2017/03/property_mantenance_4.jpg
216.145.105.7200 OK 1.1 MB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/property_mantenance_4.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x800, components 3\012- data
Size 1.1 MB (1081364 bytes)
Hash 30d26d0ab9c4486c817bb8e68c963dd7
b1c682c562dd7985ec292ed817aa2d3fcec01e78
faf773c7c52e9fce0f137b5ac607fb7b74f50902c57cbea5efb28ba519add976
GET /wp-content/uploads/2017/03/property_mantenance_4.jpg HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: image/jpeg
Content-Length: 1081364
Last-Modified: Wed, 08 Sep 2021 19:32:24 GMT
Connection: keep-alive
ETag: "61390fc8-108014"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.greentario.com/wp-content/uploads/2017/03/commercial_landscaping.jpg
216.145.105.7200 OK 2.3 MB URL HTTP/1.1 www.greentario.com/wp-content/uploads/2017/03/commercial_landscaping.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1011, components 3\012- data
Size 2.3 MB (2276011 bytes)
Hash 4014ed2c6fd836e1a6b90d769e6acd31
0425ca6fb2eeb77d004196b35b328b3cdbab16ef
58beb76df8f78cf268e20db4a8a6001f133cbd0285f1e61fc97eb2908401a8de
GET /wp-content/uploads/2017/03/commercial_landscaping.jpg HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:46 GMT
Content-Type: image/jpeg
Content-Length: 2276011
Last-Modified: Wed, 08 Sep 2021 19:32:22 GMT
Connection: keep-alive
ETag: "61390fc6-22baab"
X-Powered-By: PleskLin
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 12:31:58 GMT
expires: Sun, 15 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 560329
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 00:48:31 GMT
expires: Sat, 21 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 84136
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 7810
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.greentario.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
216.145.105.7200 OK 0 B URL HTTP/1.1 www.greentario.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: www.greentario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greentario.com/wp-content/et-cache/42/et-divi-dynamic-42-late.css?ver=1665082223
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 00:10:45 GMT
Content-Type: application/font-sfnt
Content-Length: 92400
Last-Modified: Thu, 23 Sep 2021 19:45:34 GMT
Connection: keep-alive
ETag: "614cd95e-168f0"
X-Powered-By: PleskLin
Accept-Ranges: bytes