firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 03:41:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TIg7dpJCmvPLCm-otMiybXI9l1zYctcU9ggFudrbsJWOV5uq4gIHww==
Age: 2710
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17079
Expires: Fri, 02 Sep 2022 09:11:28 GMT
Date: Fri, 02 Sep 2022 04:26:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sLO5zpVjapFyrQ6PlfTDM3vYVs3ZW5Nq8nqk7olSl6kazxrunxyJbQ==
age: 11492
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:26:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
200 OK 32 kB URL HTTP/1.1 cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
IP
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51628)
Hash fb6a481c66432b65c21505e27bd3c9cb
1aef84eb59139299b45ac9de5c08e88863beda0f
bb396d3e07c30683216a0b6d157f456c2918e8055a757001e4703c194ca75c3f
Analyzer Verdict Alert fortinet Phishing
GET /r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/ HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:48 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
X-Pingback: http://cpstest.xyz/xmlrpc.php
Link: <http://cpstest.xyz/wp-json/>; rel="https://api.w.org/", <http://cpstest.xyz/?p=18080>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32450
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
cpstest.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
200 OK 4.8 kB URL HTTP/1.1 cpstest.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (29295), with no line terminators
Hash c98102a34a13aeced6a1f63308940690
d070d292bbc359bf9b3c8754dbc05e8cbbb715ec
82ca143e1a51b275518ef53c4029ff8a3e194e4eb0d2e7dcece0df336071bfa6
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Tue, 16 Jul 2019 07:36:04 GMT
ETag: "6202d39-726f-58dc76dd16100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4767
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
cpstest.xyz/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=5.2.2
200 OK 484 B URL HTTP/1.1 cpstest.xyz/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
Hash fd3d1e0df2e8147a3c6b4b581770ad18
b7c4798e187c3c3fd2d51dec5c5d6fdef25436e4
01a761e99476e93d8082bd681c2c49297c26ebfd1d0b6d8cb31e2b44b1dd4f8b
GET /wp-content/plugins/if-menu/assets/if-menu-site.css?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 18 Jul 2019 11:23:38 GMT
ETag: "6203949-3a1-58df2d757a280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 484
Keep-Alive: timeout=5
Content-Type: text/css
cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
200 OK 7.1 kB URL HTTP/1.1 cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 18 Jul 2019 11:23:06 GMT
ETag: "6260c8c-7918-58df2d56f5a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5
Content-Type: text/css
cpstest.xyz/wp-content/themes/salient-child/style.css?ver=10.0.2
200 OK 152 B URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient-child/style.css?ver=10.0.2
IP
ASN #21499 Host Europe GmbH
Hash 1a705df0c6e8402fbdeda4d89728301c
1198e0aaa809ac55d24d73c7ebcf24c81cb150c2
25f6c3f71dcb85c0059ec9d64cb663e734c3dc0190ce3e0da7f203db4f3d37ba
GET /wp-content/themes/salient-child/style.css?ver=10.0.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 18 Jul 2019 11:25:43 GMT
ETag: "622133f-cd-58df2decafbc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 152
Keep-Alive: timeout=5
Content-Type: text/css
cpstest.xyz/wp-content/themes/salient/css/jquery.fancybox.css?ver=9.0
200 OK 4.2 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/css/jquery.fancybox.css?ver=9.0
IP
ASN #21499 Host Europe GmbH
Hash 840bfec2233b85ea8bdcf2af9b00e987
7e8f9be937576e4cc0c28569fa4872264be3661c
6f0d1213576346fcb60a0b282776981d134f96a76b5edbff4bfa619dda37c597
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/css/jquery.fancybox.css?ver=9.0 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 18 Jul 2019 11:25:04 GMT
ETag: "6203006-50a2-58df2dc77e400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4201
Keep-Alive: timeout=5
Content-Type: text/css
cpstest.xyz/wp-content/themes/salient/css/responsive.css?ver=10.0.2
200 OK 29 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/css/responsive.css?ver=10.0.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (445), with CRLF line terminators
Hash 62d676066c6a7674caf5b2c4b2034f05
0d1789deb67b0050334215677e42afb53ced7477
4c4ff41db2d866be3d6a16768c573a2a3ddc1f619b2715eeafed2a84b896c258
GET /wp-content/themes/salient/css/responsive.css?ver=10.0.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:05 GMT
ETag: "6203045-31682-58df2dc872640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28687
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/select2/select2.css?ver=5.2.2
200 OK 2.3 kB URL HTTP/1.1 cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/select2/select2.css?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (362)
Hash e13b12016d14077d5ca7b4be5283790c
4304bd0290b4e5445feda82d996b9ddb2eb961da
f5788fbfd0c1d57d2a1c790f978e322590fd537bbab7d5efa200f7cac8a41467
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/select2/select2.css?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:23:05 GMT
ETag: "6260da3-4e5c-58df2d5601840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2275
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
cpstest.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1
200 OK 2.6 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (11232), with no line terminators
Hash 32ddff47911411a1e7685adb9b5dc293
542dd289e007fcab44021724159568f33523aee8
6319be54a637315646bb05a597015dbb5ff79af4f7fc7c4a14416183292eb7f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "620339a-2be0-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2585
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
cpstest.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.2.2
200 OK 1.1 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (4163), with no line terminators
Hash dcb69e9298cb966d1a9875df8d6e2032
24ab2d72e0fc7324be99528fc214d4f0b1548d04
96eab68e1338db6123a16b34c30c2cdad14bbef84bfb69557160ba023fc08912
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "62033d1-1043-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1142
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
cpstest.xyz/wp-content/plugins/wp-views/embedded/res/css/wpv-pagination.css?ver=2.8.4
200 OK 1.3 kB URL HTTP/1.1 cpstest.xyz/wp-content/plugins/wp-views/embedded/res/css/wpv-pagination.css?ver=2.8.4
IP
ASN #21499 Host Europe GmbH
Hash f1cb0cabb4741fb9b60079fd6ea20abf
da4e3e5489de639fd8eda5f4a77701eefd936ce5
c8c18e92e19a3f827b98e4545d7fb0e6cd0e39d275304c00df0970234cb8eb3d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/embedded/res/css/wpv-pagination.css?ver=2.8.4 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:23:13 GMT
ETag: "62411e2-11fc-58df2d5da2a40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1297
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
cpstest.xyz/wp-includes/css/dashicons.min.css?ver=5.2.2
200 OK 28 kB URL HTTP/1.1 cpstest.xyz/wp-includes/css/dashicons.min.css?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (47523)
Hash 264395c727b1f47f9322bded96f78503
7fefe7dee9f653f3342861b730b23d6e552f1343
9ca58fd97cfa7146bdc9a4da48bde18cf831ffabf661712b3f8618a09fc78849
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Tue, 16 Jul 2019 07:36:04 GMT
ETag: "6202c11-b9c6-58dc76dd16100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
cpstest.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200 OK 4.0 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "62032a5-2748-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/themes/salient/css/skin-material.css?ver=10.0.2
200 OK 18 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/css/skin-material.css?ver=10.0.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (447), with CRLF line terminators
Hash 44441abff48ee8a4c12faebafea629b0
3c14eb9044e686e61cefddcad9059a1463d96cf4
bcfda87acee2ec3838175ea13f0c869640e1c2315caa114fe70c954134ca5446
GET /wp-content/themes/salient/css/skin-material.css?ver=10.0.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 18 Jul 2019 11:25:04 GMT
ETag: "6203068-2004c-58df2dc77e400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18402
Keep-Alive: timeout=5
Content-Type: text/css
cpstest.xyz/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.2.2
200 OK 551 B URL HTTP/1.1 cpstest.xyz/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (1193), with no line terminators
Hash 2f198247159358c97acb1750c59b1ab5
5dbc36778fe163d998f295095ddc5c73895f0daa
edb7abae43f424a4af8fe4d1e823ca6b383758efef9c1caa53c0ea85100b87eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "6203383-4a9-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 551
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/themes/salient/css/rgs.css?ver=10.0.2
200 OK 1.4 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/css/rgs.css?ver=10.0.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 93f8989b6bbe27bc2dd2e7fc1e3922a4
2952463eebc24d6c35e318eab27d59a538db1d5e
2c468e01a031cc1cac4afe935eb3f038ad7ab80f1b2178d549f1103e282b3802
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/css/rgs.css?ver=10.0.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:04 GMT
ETag: "620305b-19af-58df2dc77e400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1412
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
cpstest.xyz/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
200 OK 34 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Tue, 16 Jul 2019 07:36:03 GMT
ETag: "62032c0-17a69-58dc76dc21ec0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
200 OK 38 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (65266)
Hash 41fc857312dc632e17b5622c845b46b2
e01db357c907260107de3084e14ba7653192c195
1fe191de98595dcde27b948075d6c702d117219e47c281f1a8d279205c1f72d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "6203378-2638f-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 38128
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/themes/salient/js/imagesLoaded.min.js?ver=4.1.4
200 OK 1.8 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/js/imagesLoaded.min.js?ver=4.1.4
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (5477), with CRLF line terminators
Hash f5e2c2fec902e06cca8a2ecf652aad7f
2717affe594a9d7eeb1e400a7e4f6a240d05719d
a6d9a28b7647db71d49b17e33550c3c56b8d71ef3523199e66223758a6f19739
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/js/imagesLoaded.min.js?ver=4.1.4 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:05 GMT
ETag: "6220563-15e0-58df2dc872640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1814
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/themes/salient/js/priority.js?ver=10.0.2
200 OK 3.9 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/js/priority.js?ver=10.0.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (618), with CRLF line terminators
Hash b7e0e41095557577daecbb0c54c9126d
4f13167c95118baa0ffe184f00be1ea9c65d63e8
b2e8929804d1bc43e02593962d3207741a74af196d2902daf87bfe02f1ffa377
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/js/priority.js?ver=10.0.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:05 GMT
ETag: "622061d-4c43-58df2dc872640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3889
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
use.typekit.net/zqu6mad.css
200 OK 1.3 kB URL HTTP/2 use.typekit.net/zqu6mad.css
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 0dc4389644b3a4562d508c9a48ce52e3
cbb8b61f29d4dc6aba2cadcaab826c11a9e94790
cac37dd81ca0d4dc764ccf76de0b3798fd263b54c81eaac98db84e322b5d6958
GET /zqu6mad.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cpstest.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 1328
date: Fri, 02 Sep 2022 04:26:49 GMT
X-Firefox-Spdy: h2
cpstest.xyz/wp-content/themes/salient/js/jquery.fancybox.min.js?ver=7.0.1
200 OK 20 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/js/jquery.fancybox.min.js?ver=7.0.1
IP
ASN #21499 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (32088)
Hash b4b7d41d77464ab28fd3f0fcb0f131b6
0e9e98277b808747275ef7dbf3369187f419205e
6bec6d699f379e13eb36491ad379c615c51db2532a7b08f67f8f55c9812e1043
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/js/jquery.fancybox.min.js?ver=7.0.1 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:05 GMT
ETag: "622058e-e979-58df2dc872640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19603
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/themes/salient/js/touchswipe.min.js?ver=1.0
200 OK 3.3 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/js/touchswipe.min.js?ver=1.0
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (9357), with CRLF line terminators
Hash d5fc822bd5bee1d6461b23d1d4ab831c
aa8b40e61c2a4875503d346346808238907b9668
780c8b9cfbc9ee58c32f657ab214f7f7e86957e177297e219bb1b63e2bd013ec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/js/touchswipe.min.js?ver=1.0 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:05 GMT
ETag: "6220649-24a0-58df2dc872640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3293
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/comment-reply.min.js?ver=5.2.2
200 OK 1.1 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/comment-reply.min.js?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (2234), with no line terminators
Hash 7eaaf86a282a83ab094b99c911a037e3
b371d6690d9d23c1dab42a25b89fb3e0725cd19b
549a4fb84c087201833a03d6d2a7fcfff995e7cd3beb0b331d0601932e285394
GET /wp-includes/js/comment-reply.min.js?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:34 GMT
ETag: "6202d00-8ba-5859e097bf980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1093
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
p.typekit.net/p.css?s=1&k=zqu6mad&ht=tk&f=139.140.175.176.143.144.147.148.156.157.161.162.8482.8483.8484.8485.8486.8487&a=16500242&app=typekit&e=css
200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=zqu6mad&ht=tk&f=139.140.175.176.143.144.147.148.156.157.161.162.8482.8483.8484.8485.8486.8487&a=16500242&app=typekit&e=css
IP
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=zqu6mad&ht=tk&f=139.140.175.176.143.144.147.148.156.157.161.162.8482.8483.8484.8485.8486.8487&a=16500242&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Fri, 02 Sep 2022 04:26:49 GMT
X-Firefox-Spdy: h2
cpstest.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
200 OK 1.8 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (3775)
Hash 4664a831e60a807962a0341122693831
0c582fa939884d543af617c2bad977157f8c319b
f1320f1c4d030cd930d721d93ea112dc789295f06afc8a3381c922a92b077f0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:47 GMT
ETag: "6203303-fa0-5859e0a4256c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1821
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/themes/salient/style.css?ver=10.0.2
200 OK 122 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/style.css?ver=10.0.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (770), with CRLF line terminators
Size 122 kB (122271 bytes)
Hash 0bcbb2980a642cb008bbbda2c47706aa
f070f91137d64fa07261ee7736ea16a6f4506a3a
d6be094c261ae349f7b4c7c23cabb19788919a1a6582155e97270c1666bd36fb
GET /wp-content/themes/salient/style.css?ver=10.0.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:23 GMT
ETag: "6202f62-e4cc5-58df2dd99cec0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
cpstest.xyz/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
200 OK 11 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (32023)
Hash 7484242ff5a85dc5045cae39b0d92b83
fb37cdd31bed5000e19b5496c26d5cf1a41ba1fa
4c0240495d2e9529cfe0faf96fe388edb200823a110b966c671aead0b519c9dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:47 GMT
ETag: "6203306-8e9c-5859e0a4256c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11002
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/underscore.min.js?ver=1.8.3
200 OK 5.7 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/underscore.min.js?ver=1.8.3
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (16184), with no line terminators
Hash 9e5400a0eef0288a5d0f5ffab4d4947e
a327ef7c54bee02e20e40aa510a162edd580b710
41ad1b6c8175739d9e256cf01f31acb23fe722900484b6d96d44d9335ae76446
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:35 GMT
ETag: "6202e61-3f38-5859e098b3bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5711
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/jquery/suggest.min.js?ver=1.1-20110113
200 OK 1.3 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/jquery/suggest.min.js?ver=1.1-20110113
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (2992)
Hash 061be3fe2134e92fc2ab46b5e82240dd
fa98944d8f680b4a1e18defbf73090f1bb2f36a5
2c22e116e4d36cfc52f77ffd02e8bf8179e449c0a4275ae976678a948f8905ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/suggest.min.js?ver=1.1-20110113 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "62032ec-bb1-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1340
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/toolset-forms/js/main.js?ver=0.1.2
200 OK 5.8 kB URL HTTP/1.1 cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/toolset-forms/js/main.js?ver=0.1.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (758)
Hash 2872cfafe87c93282bc66fa41f1804f5
a7b95d4adf3813afcff55edfd95abea319c5f40e
92732ac43c75380f5061bc947c48aff0d7e415dbef84891a55f2ed887ac5fd03
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/vendor/toolset/toolset-common/toolset-forms/js/main.js?ver=0.1.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:23:00 GMT
ETag: "6261005-6656-58df2d513cd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5833
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/themes/salient/js/init.js?ver=10.0.2
200 OK 139 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/js/init.js?ver=10.0.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (8863), with CRLF line terminators
Size 139 kB (138922 bytes)
Hash 9b1b983a99bc1642550b288d65271f75
bf90d084b3a9543c46796ef6dae5337bb50e8e5a
b0469d344446028db1af2428fa79b2c07bca098f01a4f37e6a9f9e58d37d4c33
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/js/init.js?ver=10.0.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:23 GMT
ETag: "6220571-a8c22-58df2dd99cec0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/toolset-forms/js/date.js?ver=0.1.2
200 OK 2.4 kB URL HTTP/1.1 cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/toolset-forms/js/date.js?ver=0.1.2
IP
ASN #21499 Host Europe GmbH
Hash 5a8deb38a22eac67cce1474b13138009
61c844c58b58ee6ddac9505b8e7ca55acce01ae0
bd3a54798a5db91c292ee4a1d4997d696072d861847dd6f20d02a83670e00eae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/vendor/toolset/toolset-common/toolset-forms/js/date.js?ver=0.1.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:22:59 GMT
ETag: "6260fda-2229-58df2d5048ac0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2398
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.2.2
200 OK 481 B URL HTTP/1.1 cpstest.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (914), with no line terminators
Hash bd1336e7056ac5a40f0b7ad428fb943e
c7e67695c8b623ad31ad42497841510946192cae
100a43ce4da4bbbc881b44eacbdd7105b639499c0d1940098ba8d7c279b4de8b
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "62033d9-392-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 481
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/wp-util.min.js?ver=5.2.2
200 OK 575 B URL HTTP/1.1 cpstest.xyz/wp-includes/js/wp-util.min.js?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (1046), with no line terminators
Hash 41f1839861857c5a6ad36d9c275d3974
4591d04f5f2ceccd66f5e1f605a85fd450bf7620
abd2ead7799837adc96cab2f17f1938b03db00f383a7ec9600f5f56a985ca50e
GET /wp-includes/js/wp-util.min.js?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:36 GMT
ETag: "6202f31-416-5859e099a7e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 575
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/mediaelement/wp-playlist.min.js?ver=5.2.2
200 OK 1.1 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/mediaelement/wp-playlist.min.js?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (3435), with no line terminators
Hash 330a97a22b60254ba981bfe8ea3f840b
6f83bca688847a0093c1b084e992993b6d178022
46ad119636dae0ed006e0a19efb3138e6f60bc6c6b28e12fffbea268e462f724
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-playlist.min.js?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:43 GMT
ETag: "62033e6-d6b-5859e0a054dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1144
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/backbone.min.js?ver=1.2.3
200 OK 7.6 kB URL HTTP/1.1 cpstest.xyz/wp-includes/js/backbone.min.js?ver=1.2.3
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (22466), with no line terminators
Hash f370940ddb127076598f131d941a2c01
1eca21c71262a3d77ea75d0fe8110cc0ef2a7e2b
42c7b839613f377d41f6fe2b6af6849a1663803b582b9e4c05110040ec292de5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/backbone.min.js?ver=1.2.3 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:34 GMT
ETag: "6202cce-57c2-5859e097bf980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7551
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-includes/js/wp-embed.min.js?ver=5.2.2
200 OK 753 B URL HTTP/1.1 cpstest.xyz/wp-includes/js/wp-embed.min.js?ver=5.2.2
IP
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (1403), with no line terminators
Hash 8151177dccb399a75164172bb63b0491
0a2a5bf7eaa29bb8690a657bbc982360802ab41b
71d58666e959b9ea4a90f83fa5926fced7f92c084a098ee23ec450054b7292a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.2.2 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2019 10:51:36 GMT
ETag: "6202ed6-57b-5859e099a7e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 753
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/uploads/2019/06/UK-AEA_294_DIGI_AW_extra_padding.png
200 OK 18 kB URL HTTP/1.1 cpstest.xyz/wp-content/uploads/2019/06/UK-AEA_294_DIGI_AW_extra_padding.png
IP
ASN #21499 Host Europe GmbH
File type PNG image data, 800 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash d513a3eb7be10d1fe54e5f53f4958458
b9581c11ca6f92581b6a82ec95495d9948d73438
2929815ce16e12f13af8ba03c349c27cb4b0a59541ccbbb44a0fa7385277378e
GET /wp-content/uploads/2019/06/UK-AEA_294_DIGI_AW_extra_padding.png HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 27 Jun 2019 08:49:18 GMT
ETag: "620344c-46cd-58c4a3cbc5f80"
Accept-Ranges: bytes
Content-Length: 18125
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
cpstest.xyz/wp-content/plugins/wp-views/embedded/res/js/wpv-pagination-embedded.js?ver=2.8.4
200 OK 25 kB URL HTTP/1.1 cpstest.xyz/wp-content/plugins/wp-views/embedded/res/js/wpv-pagination-embedded.js?ver=2.8.4
IP
ASN #21499 Host Europe GmbH
Hash e1d5bd39e1927cf16eee67b3406a65bf
3ddb4ba29023fdec28369c4504ebfc2e7c50c4d8
899944b11ff1858ed2b1eb8012ae0c86497e733826ddb0cbb5029cda2d9348e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/embedded/res/js/wpv-pagination-embedded.js?ver=2.8.4 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:23:07 GMT
ETag: "6241326-25022-58df2d57e9cc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24756
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
cpstest.xyz/wp-content/uploads/2019/06/UK-AEA_294_DIGI_AW_WHITE-1.png
200 OK 41 kB URL HTTP/1.1 cpstest.xyz/wp-content/uploads/2019/06/UK-AEA_294_DIGI_AW_WHITE-1.png
IP
ASN #21499 Host Europe GmbH
File type PNG image data, 1492 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 85bc361d9bbca250ef9e7b94b5ee8f5c
71c059530bd12376f17e3501665d84752dfc892b
e01563c7dc88240205501f27a0e0137052108d15640e342713b800850035ade5
GET /wp-content/uploads/2019/06/UK-AEA_294_DIGI_AW_WHITE-1.png HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Tue, 18 Jun 2019 09:59:13 GMT
ETag: "62033f9-9e99-58b962a349e40"
Accept-Ranges: bytes
Content-Length: 40601
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 03:38:16 GMT
Expires: Fri, 02 Sep 2022 04:10:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oyAskrcBlfoViuHIhWaLOO-C5sleDYv4CA8Rwt0pDOI62AxuPxQuhQ==
Age: 2913
cpstest.xyz/wp-content/uploads/2019/07/Asset-4.png
200 OK 8.4 kB URL HTTP/1.1 cpstest.xyz/wp-content/uploads/2019/07/Asset-4.png
IP
ASN #21499 Host Europe GmbH
File type PNG image data, 139 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash 888c7f14cc5e759c0b088afe348ff23b
157db3291e5e21be377cfefb35087947c00571cc
be7f1928fbe4de94d0cd47d8feaf532c2027f7446c750141ee096fff479b1f94
GET /wp-content/uploads/2019/07/Asset-4.png HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Fri, 12 Jul 2019 13:55:38 GMT
ETag: "6203873-20d7-58d7c43e38a80"
Accept-Ranges: bytes
Content-Length: 8407
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
cpstest.xyz/wp-content/themes/salient/css/fonts/OpenSans-Regular-webfont.woff
200 OK 14 kB URL HTTP/1.1 cpstest.xyz/wp-content/themes/salient/css/fonts/OpenSans-Regular-webfont.woff
IP
ASN #21499 Host Europe GmbH
File type Web Open Font Format, TrueType, length 13988, version 1.0\012- data
Hash 5a232d0daaf2562bf4910c1f699eeaab
a07f3daa46691580836acb6ca6b38fcc89602856
3b4ae61d6e9fb6fa5d10b2390885f2e68f4443285d5b2e17c782393c6acf793f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/salient/css/fonts/OpenSans-Regular-webfont.woff HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cpstest.xyz/wp-content/themes/salient/style.css?ver=10.0.2
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:49 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:25:05 GMT
ETag: "62030d5-36a4-58df2dc872640"
Accept-Ranges: bytes
Content-Length: 13988
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
zhwpic.zuhaowan.com/images/account_img/2022-06-26/62b851ecd170e.jpg
200 OK 352 kB URL HTTP/1.1 zhwpic.zuhaowan.com/images/account_img/2022-06-26/62b851ecd170e.jpg
IP
ASN #135391 AOFEI DATA INTERNATIONAL COMPANY LIMITED
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1080x962, components 3\012- data
Size 352 kB (352159 bytes)
Hash 75b96569b3a2fb10fd85e74096399803
4c37f138c06fad6abcb30233754737929d78d8ba
e5ccc4b8c4f660493022419eb3eb4a7baaae9a4f5a850f79e308ef5525c32fe4
GET /images/account_img/2022-06-26/62b851ecd170e.jpg HTTP/1.1
Host: zhwpic.zuhaowan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/
HTTP/1.1 200 OK
Server: marco/2.17
Date: Fri, 02 Sep 2022 04:26:49 GMT
Content-Type: image/jpeg
Content-Length: 352159
Connection: keep-alive
X-Request-Id: 5b1bcccc7c074d4785ac34b60f08a11c; bdc449ab0a6cd15cb3b6568cb181a8cd; f2879f0688d6c6955851b4ce3c94f149
X-Source: U/304
X-Upyun-Content-Length: 352159
ETag: "75b96569b3a2fb10fd85e74096399803"
X-Upyun-Content-Type: image/jpeg
Last-Modified: Sun, 26 Jun 2022 12:32:45 GMT
Expires: Fri, 02 Sep 2022 20:27:52 GMT
Cache-Control: max-age=691200
Accept-Ranges: bytes
Age: 633537
Via: T.206.H, V.403-zj-fud-205, S.pcw-cn-hkg-166, T.166.H, V.pcw-cn-hkg-164, T.132.H, M.gtt-de-fra2-132
cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #21499 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cpstest.xyz/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:50 GMT
Server: Apache
Last-Modified: Thu, 18 Jul 2019 11:23:06 GMT
ETag: "6260cda-12d68-58df2d56f5a80"
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3083
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 04:26:50 GMT
Last-Modified: Fri, 02 Sep 2022 03:35:28 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
static.hotjar.com/c/hotjar-1323253.js?sv=5
301 Moved Permanently 183 B URL HTTP/1.1 static.hotjar.com/c/hotjar-1323253.js?sv=5
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e4e384d6672787c1bb2a9b500114f1f5
cf909e7937cd3f312c434367b732a53d7a6cbf14
80785f5520097dde3b28c617171415cd690cbf1e0353a5f3e348c83a4656ea0f
GET /c/hotjar-1323253.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 02 Sep 2022 04:26:50 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://static.hotjar.com/c/hotjar-1323253.js?sv=5
X-Cache: Redirect from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e5FwV0fj3rTIdrfdffy-3RL7B9KEA0iDjZbSUTvKZlHy5dX6TwJ7wQ==
cpstest.xyz/wp-content/uploads/2019/07/cropped-asdAsset-5@4x-1-192x192.png
200 OK 33 kB URL HTTP/1.1 cpstest.xyz/wp-content/uploads/2019/07/cropped-asdAsset-5@4x-1-192x192.png
IP
ASN #21499 Host Europe GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a34887796dcf0bd2f915be1bb7b8dcf9
950cdb2f6b2034264798ec6a44f72a8e312d00e9
4140b3fb89e3ea211b96a691e60b2fdc5e4abfa565654f30b7f235d3a7091844
GET /wp-content/uploads/2019/07/cropped-asdAsset-5@4x-1-192x192.png HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:50 GMT
Server: Apache
Last-Modified: Fri, 12 Jul 2019 14:01:43 GMT
ETag: "6203b6d-8164-58d7c59a4ffc0"
Accept-Ranges: bytes
Content-Length: 33124
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
cpstest.xyz/wp-content/uploads/2019/07/cropped-asdAsset-5@4x-1-32x32.png
200 OK 2.5 kB URL HTTP/1.1 cpstest.xyz/wp-content/uploads/2019/07/cropped-asdAsset-5@4x-1-32x32.png
IP
ASN #21499 Host Europe GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ba1f917d7e234a09567e528be377eee
00a167c7db2b7ed92859f13c721c10618e9844c9
eb76408da4ddb9817195829e19e08085be02550bf918797c28fce97411a25449
GET /wp-content/uploads/2019/07/cropped-asdAsset-5@4x-1-32x32.png HTTP/1.1
Host: cpstest.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/r%E8%A1%80%E5%8D%B0-bloody-spell-dlc-%C6%B9%E5%87%89%E8%82%9A%E5%85%9C-product-key-x64/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:26:50 GMT
Server: Apache
Last-Modified: Fri, 12 Jul 2019 14:01:43 GMT
ETag: "6203b85-9f0-58d7c59a4ffc0"
Accept-Ranges: bytes
Content-Length: 2544
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nTTvgEwaMxNVNl9sZ1MzKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QISEcBHVPSIdj6C35VsDHPDknTg=
code.tidio.co/tenuqd61zzptfehodgiu6hojno0qfrix.js
301 Moved Permanently 134 B URL HTTP/1.1 code.tidio.co/tenuqd61zzptfehodgiu6hojno0qfrix.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /tenuqd61zzptfehodgiu6hojno0qfrix.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpstest.xyz/
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Sep 2022 04:26:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://code.tidio.co:443/tenuqd61zzptfehodgiu6hojno0qfrix.js
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wcafKYPmLdV7UjX%2F%2FMA9zGG2OVj7AdHFkov8DMBqMIdsBFPYoVxyGj%2FtjD3%2B4tXwNt2AbC3dFuTnY30LHnpyC5Vdy5iYjhlEFzXbqETkfUwdFSUmuO2dWtjmRm7LHM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74437d615a5f0b61-OSL
code.tidio.co/tenuqd61zzptfehodgiu6hojno0qfrix.js
302 Found 13 kB URL HTTP/2 code.tidio.co/tenuqd61zzptfehodgiu6hojno0qfrix.js
IP
Hash 474623eb6e5f8ec65e456d0d1d5af010
5668844f71c584c4823e9f8d9a41e7d7d6b25799
1a0f4669aa5148674153ad920bd7a0e0827e44572f163c234bde61438a880552
GET /tenuqd61zzptfehodgiu6hojno0qfrix.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cpstest.xyz/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Sep 2022 04:26:50 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_109_0/static/js/render.ab79717f7151353390a1.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eor5t2uHDU%2FPRftbeRBRa3osgQR100TVeDXqTP2UT3YDQKm6YzyCXJzVkj2k%2FuImlDaCjH7hnPbMoZd8vzs6mDsxni1JVpZq1E6%2B%2Bo3IHaH63j6NcjCcAAXhMuLhNts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74437d621eb90b4d-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 45592db5d645bc2012a6bea8bb944913
cbbfedba6b579dc8edc11d5ff4393d96776cb6e0
5074bcc102cefc6b0754ebb05bf325e84924bb94a5f0a994959dd700610430eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 04:26:51 GMT
Last-Modified: Fri, 02 Sep 2022 02:53:06 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9cF2QzgZ_qcIMuwh_cUXkyMtFi34uEsQfyZpvA7ze_GjY3DHc81RYA==
Age: 5625
socket.tidio.co/socket.io/?ppk=tenuqd61zzptfehodgiu6hojno0qfrix&device=desktop&EIO=3&transport=websocket
101 Switching Protocols 0 B URL HTTP/1.1 socket.tidio.co/socket.io/?ppk=tenuqd61zzptfehodgiu6hojno0qfrix&device=desktop&EIO=3&transport=websocket
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=tenuqd61zzptfehodgiu6hojno0qfrix&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://cpstest.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1VtNZOFy+u6OkZS5YfPxZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 02 Sep 2022 04:26:51 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rQtwghAjJaONabmX3HS3hxmCSMM=
Sec-WebSocket-Extensions: permessage-deflate
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 04:26:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 04:26:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
IP
Hash 4ac2f6600aa9c71c15fb98783ce7b337
77f51163d038750d95e584958e9b34cc238a98ba
36edd696f37f91a2907b6248b823448ac1341562f4a9d40f042cd75f60fc99b4
GET /css2?family=Mulish:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cpstest.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 04:26:51 GMT
date: Fri, 02 Sep 2022 04:26:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12064
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 04:26:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4448f0ed-ddec-4668-bd40-5fbe46656300.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4448f0ed-ddec-4668-bd40-5fbe46656300.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0fe035175dde92a1aad136d9a9cf92fe
6d4394252bb2ba429cf050d1b8e6ab272f915a5d
d6f8887a2d25f62c35d5ea1a487b982bab32d281cd2d2267213cd5c60b2e1a80
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4448f0ed-ddec-4668-bd40-5fbe46656300.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6136
x-amzn-requestid: f1eabc71-e312-4081-8e8f-272917738523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0GGv2IAMFfXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-69bd9f574a2d7a1e6c760e66;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AkUwWs2mrN060d3zmt7VVYagbwyWOLkiWuPYRvq28ZOIZ_6gB0DLBA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 08:02:28 GMT
age: 73463
etag: "6d4394252bb2ba429cf050d1b8e6ab272f915a5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e82032ab44011167c9d2d9695a3198
d3fda6718ab89268e82bde16b06a96354fa3d57b
2f073e250e9956e82038d29df1de50df864e2c22e4604bbd78d1e62188ae9197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7156
x-amzn-requestid: e2b38429-0492-4319-9c72-5a1619c78420
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMO2EKcoAMFrrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311272b-69d66f695cf1a07f0fae433c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kpPP3oOPJ0CPFcrn_69SQa_tDp3VGWYBSX2_LVD-wT0tUuQCUkQoAQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:17 GMT
age: 23554
etag: "d3fda6718ab89268e82bde16b06a96354fa3d57b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//1_109_0/static/js/widget.ab79717f7151353390a1.js
200 OK 175 kB URL HTTP/2 widget-v4.tidiochat.com//1_109_0/static/js/widget.ab79717f7151353390a1.js
IP
File type ASCII text, with very long lines (65451)
Size 175 kB (174792 bytes)
Hash 060905c61f7468fecc7102fc2bd31e4b
764abe28f1c578bd2e955198d3a3e7663e1970e0
24038aaf2630a9a4c74117ef81ab258d95cffd7047404f13a43745a3c4e067e9
GET //1_109_0/static/js/widget.ab79717f7151353390a1.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 04:26:50 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 10:12:36 GMT
vary: Accept-Encoding
etag: W/"62fe1094-81be9"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6619
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcJr7FuK1vJnLI2gDtV%2B9pCEZUT51Ecor6QpXDOLg2uC66TTPBp0bSwp6PE6U%2B69PFzZaQE1uIZ%2BXWIeKkLp2f%2F0LLDwbBqT1pQE5HRz%2BvkWIaxxnAG1Wx0uI8w6w8j9xurJ%2BhlUiTBq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74437d63ad5e1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 24565
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e93c5d-fd27-4eb2-b92a-cb36c0a9dd5a.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e93c5d-fd27-4eb2-b92a-cb36c0a9dd5a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab0ab1c19ba075fb2824d46c54df9f71
a914438297847f1de165c8ec8b67d4204cfb8aa0
603c5ab17b63559dedb5d0fb7df703406ea3f0c5af64f794ba19523b887f346f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e93c5d-fd27-4eb2-b92a-cb36c0a9dd5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9960
x-amzn-requestid: 50b32ec4-bc0d-4688-a57f-3a2be28296e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EaxoAMFh0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-6e34c4b477bee94b43ac67ed;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m4O94k0M1ODXowQJCRLhRrkQuG2oW9BG88wvoKOwFSynVVvgzf3M9Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:12:19 GMT
age: 22472
etag: "a914438297847f1de165c8ec8b67d4204cfb8aa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I3pDTq3EeJJtzJFsAFaym7cV5nCrwFailDRzgA3QkAFOYj3xV43v2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
age: 24565
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 04:26:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Hash e6d08c334958c128b793b570a7dce066
081111500e97a7663ff936f847e050fee6b8be2b
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cpstest.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 04:28:20 GMT
expires: Sun, 27 Aug 2023 04:28:20 GMT
cache-control: public, max-age=31536000
age: 518311
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 04:26:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-1323253.js?sv=5
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1323253.js?sv=5
IP
GET /c/hotjar-1323253.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cpstest.xyz/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 02 Sep 2022 04:26:50 GMT
cache-control: max-age=60
etag: W/49e64748c071d06bf659b3e7f758fb3b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MRHVW2O09Kc_MhKxl3pMqOgbgVltAowMxuE6Ju4imwTWTbb7embAvQ==
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_109_0/static/js/chunk-WidgetIframe-ab79717f7151353390a1.js
200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_109_0/static/js/chunk-WidgetIframe-ab79717f7151353390a1.js
IP
GET /1_109_0/static/js/chunk-WidgetIframe-ab79717f7151353390a1.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 04:26:50 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 10:12:36 GMT
vary: Accept-Encoding
etag: W/"62fe1094-54cab"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsgkrzC0QFbu8aa2Uej3eE%2FGJgd7saQApGbtfc0BQLfl%2BlGoZJVao4gu2J2fzXRHIisUVvGUWQVdu99xy9txE89un6WVojZvk3BMvTqd%2FQn6Txw6%2BpMigXLVhzoeTO3031bsd%2F0slKoc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74437d639d511c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
92.205.3.88
142.250.74.163
23.36.77.32
54.171.220.19
185.232.59.134
93.184.220.29
0.0.0.0