roanoke.family/
301 Moved Permanently 162 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://roanoke.family/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: ug6mlb3sfo
X-Hits: 3
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Mon, 28 Nov 2022 14:15:24 GMT
X-Served-By: cache-bma1676-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 0
X-Timer: S1669644924.181891,VS0,VE122
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Mon, 28 Nov 2022 17:14:08 GMT
Date: Mon, 28 Nov 2022 14:15:24 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4933
Cache-Control: max-age=164290
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:24 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:53:34 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 13:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3352
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8694
Expires: Mon, 28 Nov 2022 16:40:18 GMT
Date: Mon, 28 Nov 2022 14:15:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5tb2LHdFuys6IiEhfkG39n5B8RQ0DCv+XNzBvgtQzLYZTyPNXbWb/r1wBbA3h1li9K/n5nb0axU=
x-amz-request-id: VYK98K0ZS43JNG0P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 13:45:03 GMT
age: 1821
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 14:15:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 14:11:12 GMT
cache-control: public,max-age=3600
age: 253
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3396
Cache-Control: max-age=157686
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:03:31 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Du/IO8gXbOKSlVyMHeBD/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6HuUghzVKkakT99+313oBljxnrA=
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3176
Cache-Control: max-age=111756
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:18:01 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3176
Cache-Control: max-age=111756
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:18:01 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
roanoke.family/wp-content/plugins/contentstudio-plugin-master/_inc/main.css?ver=1.0.0
200 OK 250 B URL HTTP/2 roanoke.family/wp-content/plugins/contentstudio-plugin-master/_inc/main.css?ver=1.0.0
IP
Hash 8336a34ef2e0fe1ddfbc5c262111ec38
55db8f07318bbb5e2877611c9e4c205f6df9872f
68ac68d2730b683ccb6fad6d969af71a65d8403c12b9d301004adfb72ed811c2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contentstudio-plugin-master/_inc/main.css?ver=1.0.0 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 03 Jun 2020 18:45:01 GMT
etag: W/"5ed7efad-19e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.475581,VS0,VE122
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 250
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.woff
200 OK 32 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.woff
IP
File type Web Open Font Format, TrueType, length 32020, version 0.0\012- data
Hash da4fa13556b21375d2772c512fa17a83
b29ccdf05c69e905904bdc0a4e0a42bc1689dd16
4fc9cc26a4d380b75ff7d1a1f07b11e73ee320f9fa246f7cd888f9731d8871f6
GET /ajax/libs/foundicons/3.0.0/foundation-icons.woff HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 14:15:25 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 31590
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e66-7d14"
last-modified: Mon, 04 May 2020 16:10:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6033946
expires: Sat, 18 Nov 2023 14:15:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBejFOdzfAyCtoT1Os6SPVwT1%2F7WAe%2B8T68X5ucjVORzLtzX8XsrieM2utflOUr7uKfiJJJ9wy9puYRjkJK841vcITm3%2B9R%2FWKqOjp%2BPSnSIyFP8zkf8Pl5yskIWkj%2FAQGmcRamO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7713b7314d001c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css?ver=2.6.0.3
200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css?ver=2.6.0.3
IP
Hash bf1391b615ae5584f9dd9ce0dadf80d8
5c1ac10b4ced91893f7ead8ccae6144b24e16005
61ed77d9060b46122faab2a431b523f33353943595600c7fed2238155fd462d5
GET /ajax/libs/foundicons/3.0.0/foundation-icons.css?ver=2.6.0.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 14:15:25 GMT
content-type: text/css; charset=utf-8
content-length: 2855
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e66-4c34"
last-modified: Mon, 04 May 2020 16:10:14 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2890117
expires: Sat, 18 Nov 2023 14:15:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGA%2BjfGSw%2FA3R0ZCwi7Km9KvTQanNoGODE4u%2F%2Bf%2BJgWSu12%2F9hUkJzPbTa6A0C%2FqSkEQfbVzcEx1MXGlG3f99LptdKul%2FTrHCKGg2yuLlDyR7W2l%2BV4aMuxRoCD0%2FObtSPDR8EL5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7713b7314d13b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116388 bytes)
Hash fef08c9f8bacc1b0eed3950dbe7d0f87
e9a3b98cad1e2d58eab1e2cbaa51cb979dc45075
55b3d5b3acd46444cc1844a676c75ba25209ce371065791cd4fbdc9da60aea34
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116388
date: Mon, 28 Nov 2022 14:15:25 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.imgur.com/min/embed.js
200 OK 433 B IP
File type ASCII text, with very long lines (399)
Hash 35a7c25618062b8160cabdc53e2f03a1
205e835e3b6664b69ef2f991f7a5ccc6d01cfaec
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061
GET /min/embed.js HTTP/1.1
Host: s.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 14:08:33 GMT
etag: "35a7c25618062b8160cabdc53e2f03a1"
content-type: application/javascript
accept-ranges: bytes
date: Mon, 28 Nov 2022 14:15:25 GMT
via: 1.1 varnish
age: 20
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669644926.694383,VS0,VE1
vary: Accept-Encoding
content-length: 433
X-Firefox-Spdy: h2
cdn.cityspark.com/wid/get.js
200 OK 919 B URL HTTP/2 cdn.cityspark.com/wid/get.js
IP
File type ASCII text, with very long lines (2239), with no line terminators
Hash 39f7e4c2d72a1d17e1ccf860c6c6e34d
686800a01fe7e6a30bff97107062b14a2d4d7769
f112c4ab6b1d03729125152cbd7881167baef45e4e65bc80cc29c82aeb05fbd2
GET /wid/get.js HTTP/1.1
Host: cdn.cityspark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 338497
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
content-type: application/x-javascript
date: Mon, 28 Nov 2022 14:15:25 GMT
etag: "0x8D7F2927FD84964+gzip"
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (ska/F760)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 9bbea331-f01e-0002-221f-0046b5000000
x-ms-version: 2014-02-14
content-length: 919
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3176
Cache-Control: max-age=111756
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:18:01 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-34515977-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-34515977-1
IP
File type ASCII text, with very long lines (1921)
Hash 1b1992c8785cd08a04f55694b1d2541d
689e4b75e323ab22741154e3e39bb4c2dfe852e1
8de2c8b0cfe686c882859612c50069324536099d4fe7f5e277c90cef883b99c9
GET /gtag/js?id=UA-34515977-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 14:15:25 GMT
expires: Mon, 28 Nov 2022 14:15:25 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
200 OK 5.5 kB URL HTTP/2 roanoke.family/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (15660)
Hash 17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-48b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 49
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.595921,VS0,VE122
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5515
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-994247477
200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-994247477
IP
File type ASCII text, with very long lines (1921)
Hash 6d5e6572de56afcd5b6f90d0114dabcd
b5e4b3ae78a7117b4b81b7d1855fd00b3ef4484a
f59aac4957a91877f5bb81b4bee3b374ecb1811624a0fdf41f17bd47b07ecd43
GET /gtag/js?id=AW-994247477 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 14:15:25 GMT
expires: Mon, 28 Nov 2022 14:15:25 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
roanoke.family/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1666408144
200 OK 1.6 kB URL HTTP/2 roanoke.family/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1666408144
IP
File type ASCII text, with very long lines (2438)
Hash 3f3e99fc25ea02ac18f373ce228d2b40
154b1ce72e1d3325500352eaffb8048f9e854965
0bf787081715c28f4bd95d77c8b74094f5919c11800ec5779a1ed0edb5157f3d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1666408144 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 22 Oct 2022 03:09:04 GMT
etag: W/"63535ed0-15fb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 47
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.476640,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1582
X-Firefox-Spdy: h2
roanoke.family/
200 OK 28 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Hash 65df22acc2b42c9afdf4177c2a30631a
6950cb35cc697461aa762d5f1b9f6f09d753db1b
119392fd2dfa87d94a50c7c564c0dea6bee02b840fd1f8f1b9e8640dbae49482
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://roanoke.family/wp-json/>; rel="https://api.w.org/", <https://roanoke.family/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://roanoke.family/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1669644925.550087,VS0,VE818
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/business-directory-plugin/assets/css/widgets.min.css?ver=6.2.10
200 OK 599 B URL HTTP/2 roanoke.family/wp-content/plugins/business-directory-plugin/assets/css/widgets.min.css?ver=6.2.10
IP
File type ASCII text, with very long lines (3439), with no line terminators
Hash 9f1287f4f2d44b7af2c3c321e7fbf642
24dfb3034c72069f7aa514e02e3ca387f621583d
6b3d0a2f60266f83dc22e8b7879c5def94171e4b9f7b2bd9a291a3db21b911ae
GET /wp-content/plugins/business-directory-plugin/assets/css/widgets.min.css?ver=6.2.10 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 17:45:58 GMT
etag: W/"6352dad6-d6f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.484642,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 599
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3
200 OK 1.3 kB URL HTTP/2 roanoke.family/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3
IP
File type ASCII text, with very long lines (4186), with no line terminators
Hash 03a555a725babd3469688ac7a1a11e23
3cca490396dc08d1ec484e431ba3efe876c5fa25
a9159931c913ec5fa911b8db4a52fadb74689b598fd7a60d0cab24406175c9d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-105a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.489728,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1265
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/wp-views/embedded/res/css/wpv-pagination.css?ver=2.8.0.1
200 OK 1.4 kB URL HTTP/2 roanoke.family/wp-content/plugins/wp-views/embedded/res/css/wpv-pagination.css?ver=2.8.0.1
IP
Hash c24301d2e4dbc55652b93a3804cb09ca
627fc29790f3fc46d3d42cd76d8a1cf0269e1a4c
9e629f2df2fb8758399d1982f5b01bb0135aee963dfb48869cef5873298eadc0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/embedded/res/css/wpv-pagination.css?ver=2.8.0.1 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 15 Jan 2020 14:27:02 GMT
etag: W/"5e1f2136-11fc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.490172,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1401
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3
200 OK 1.8 kB URL HTTP/2 roanoke.family/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3
IP
File type ASCII text, with very long lines (5788), with no line terminators
Hash f71e7ce04683e8557167234843265fa0
5d3b6af3ede405c3c78ae8c020b7ff087fd5ce3f
e338380debcc979feba250af09c15fcff9b0e7a58b3670bd4d738b1eb87af86b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 22:02:44 GMT
etag: W/"63531704-169c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.490545,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1770
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/imagesloaded.min.js?ver=6.0.3
200 OK 1.9 kB URL HTTP/2 roanoke.family/wp-includes/js/imagesloaded.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (5477)
Hash fcf12c7d3f5778470877aff26bdb3040
b8cc6b30eb49ef014651e6f22e4a33b74a3fde1e
2b6a1c6d97acd8b8f1460d8e4acbac8f911aa950c482ab794888f40c63fb2d6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15fd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.504498,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1946
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=3.5.2
200 OK 4.7 kB URL HTTP/2 roanoke.family/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=3.5.2
IP
Hash f0ec129758804a690bc8c9f2bfe3a74e
a0d44ff4227a966ac6d511ed9f80ee3c1f6a2aec
2fb20bd788046179a8430426571a9ada35ee2621b678182924ff73cbf30b0e34
GET /wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=3.5.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 03:09:04 GMT
etag: W/"63535ed0-34d3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.509568,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4701
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
200 OK 890 B URL HTTP/2 roanoke.family/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
IP
File type ASCII text, with very long lines (1709), with no line terminators
Hash 2dd9724d952494cfb993d39878f76d70
03fe6647291691dcf5e4e281785ddbea581a3948
45b06ec86afb838ec3e9935f222f6b651b131be8c16533fbf135b6a65360209e
GET /wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 04:03:29 GMT
etag: W/"63536b91-6ad"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.510493,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 890
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.0.3
200 OK 698 B URL HTTP/2 roanoke.family/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (1146)
Hash bdf8abffece5f517d0f8c7a83b3363ef
3507bbdf54ce7563b6f5baf1cc3a87b91bee8cdf
2c4985e6a6191ff982a62a03526463edcc65d1c2061a9a7827746459d9f33a60
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 04:03:29 GMT
etag: W/"63536b91-525"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.510956,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 698
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/02/image0-9-150x150.jpeg
200 OK 7.8 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/02/image0-9-150x150.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=Apple, model=iPhone 7, orientation=upper-left, xresolution=162, yresolution=170, resolutionunit=2, software=14.2, datetime=2020:12:25 19:44:19, hostcomputer=iPhone 7], baseline, precision 8, 150x150, components 3\012- data
Hash 4f0310e7d41d6eb9fb33de556eb84355
37bd1161fa110761dfe612f20b803af09d77de28
d8941bab7d638319fe24190366f7ca17c24f1f2430e411bf0428f9b36cbd82cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/02/image0-9-150x150.jpeg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 09 Feb 2021 14:15:16 GMT
etag: W/"602298f4-225f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 10
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.540753,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7846
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3
200 OK 462 B URL HTTP/2 roanoke.family/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3
IP
File type ASCII text, with very long lines (479)
Hash 1801cbd5f162b6cfff17b576b9e1790e
a124a5c928059065b1062024ff55240284e6a0cb
66dc9e93d476201c0069d92a5a019bb1812ddebc87bfa9eaa93d0da39e3d3feb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 22:02:51 GMT
etag: W/"6353170b-2db"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 50
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.584228,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 462
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3
200 OK 552 B URL HTTP/2 roanoke.family/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (1191), with no line terminators
Hash 38a91d57968c26a664af09881b630b79
56a5b7d46f998016208e1e52140d3504daec6267
751e391979a5cd04e2a168a7cf8e7f4cfd41d830faed64abc0fc60a594557ff2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-4a7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.585178,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 552
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/bb-plugin/cache/147b49b19e0cad98854f0240bc722577-layout-bundle.js?ver=2.6.0.3-1.4.3.2
200 OK 12 kB URL HTTP/2 roanoke.family/wp-content/uploads/bb-plugin/cache/147b49b19e0cad98854f0240bc722577-layout-bundle.js?ver=2.6.0.3-1.4.3.2
IP
File type ASCII text, with very long lines (1517)
Hash 6512fa8716d548dd292f0341bef1f178
d1ef99119b4aaec74697d871d92fac81882dfdcf
526cfdbdf54cc60dd8a3a08c4993d7d0ff9e1f3eb16c8223ba208ce538dca8d8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/bb-plugin/cache/147b49b19e0cad98854f0240bc722577-layout-bundle.js?ver=2.6.0.3-1.4.3.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 22:20:31 GMT
etag: W/"63531b2f-117b5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.584382,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 11748
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3
200 OK 479 B URL HTTP/2 roanoke.family/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3
IP
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 894b58b901d74ef19b8e3c1de185a9ba
f0788359e70f149047b25b0738721077590e5f3b
c499b4d3d293eed189544d1a3d24c7bd2397eb833916fc4a4ed8ea48a4263680
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-38a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.585276,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 479
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/underscore.min.js?ver=1.13.3
200 OK 7.8 kB URL HTTP/2 roanoke.family/wp-includes/js/underscore.min.js?ver=1.13.3
IP
File type ASCII text, with very long lines (18876)
Hash a8f99c32a628461f9c7500e76e604567
88ab3c370bc896f5580065d601b7496a7b66bb56
9cf8b992dc38ff9be1ec3c2d5a31d69ec491db09eaa287a71f490df0edb1b139
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-49df"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.585533,VS0,VE360
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7791
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/backbone.min.js?ver=1.4.1
200 OK 8.6 kB URL HTTP/2 roanoke.family/wp-includes/js/backbone.min.js?ver=1.4.1
IP
File type ASCII text, with very long lines (23894)
Hash f0c52df9e4525066794f970aa004c65a
31bfdb997625d8afcbf003f90588f1d9c9a147ab
568e0c230f65e3f2c01580147b82a42ac7bcf569b92996a941f21d49befed3e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-5d79"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 51
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.591881,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8646
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/wp-views/embedded/res/js/wpv-pagination-embedded.js?ver=2.8.0.1
200 OK 1 B URL HTTP/2 roanoke.family/wp-content/plugins/wp-views/embedded/res/js/wpv-pagination-embedded.js?ver=2.8.0.1
IP
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/embedded/res/js/wpv-pagination-embedded.js?ver=2.8.0.1 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 04 Oct 2019 02:41:02 GMT
etag: "5d96b13e-1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.593389,VS0,VE359
vary: Authorization, Accept-Encoding
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1
X-Firefox-Spdy: h2
roanoke.family/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11
200 OK 6.2 kB URL HTTP/2 roanoke.family/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11
IP
File type ASCII text, with very long lines (22786), with no line terminators
Hash 492192a397dd98257510db2c3f4ad70f
4014fa611a629a452869e64a2bf14f884c323e2b
3f4c48a58b67b85093934127362204777894ffbba85a3325a242752321f11e6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 13:24:23 GMT
etag: W/"6353ef07-5902"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.595258,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6180
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/bb-plugin/cache/5-layout.css?ver=32f3bcad982bcd37b6987f6b3ae4716f
200 OK 17 kB URL HTTP/2 roanoke.family/wp-content/uploads/bb-plugin/cache/5-layout.css?ver=32f3bcad982bcd37b6987f6b3ae4716f
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 425c497bdacc54bd70bdad6b1f5d1038
d766ba3f9a71a3f52f61617bf4903f243aabba48
38081837e6d3d41be0bfa9567677bd90978c91bdfd31de5bbf08cc109f45c649
GET /wp-content/uploads/bb-plugin/cache/5-layout.css?ver=32f3bcad982bcd37b6987f6b3ae4716f HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 22 Oct 2022 13:29:33 GMT
etag: W/"6353f03d-1bf0e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.479023,VS0,VE360
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 17151
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
200 OK 7.8 kB URL HTTP/2 roanoke.family/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
File type ASCII text, with very long lines (30837)
Hash d2e8f813d9cb5468ffe853ba079e2b47
e21887874be3bb19bdbdc09684390834dd066fd9
bd257751a9617f85486149e064c6b57ff10f0b098fd16d4b27179bf4a8aee43e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 15 Jan 2020 14:28:38 GMT
etag: W/"5e1f2196-7918"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.484032,VS0,VE475
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7781
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/bb-plugin/cache/24c8b22b6af93d5c878a9719fb11ac81-layout-bundle.css?ver=2.6.0.3-1.4.3.2
200 OK 28 kB URL HTTP/2 roanoke.family/wp-content/uploads/bb-plugin/cache/24c8b22b6af93d5c878a9719fb11ac81-layout-bundle.css?ver=2.6.0.3-1.4.3.2
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cec85367fd17898b590d733ec8a304c
30cfa98d69261802355eb2754b7ef19aed2f2ba9
e80ac60092c59d18b5ec51648363469511c5823562f678c667ba71ac681bc31b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/bb-plugin/cache/24c8b22b6af93d5c878a9719fb11ac81-layout-bundle.css?ver=2.6.0.3-1.4.3.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 22:30:22 GMT
etag: W/"63531d7e-3c986"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.484334,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 27819
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
200 OK 2.9 kB URL HTTP/2 roanoke.family/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP
File type ASCII text, with very long lines (11256), with no line terminators
Hash fb368bbe71fa1b870e4faaa08e0e480d
fb1d98a028de9afb2356c9e9543e0ec83cc9db3c
f28edbf24ba549420a79c49b421902928c8521d2b3bcb4070975e40e36e9a84d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-2bf8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.489464,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2865
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=4.0.2
200 OK 12 kB URL HTTP/2 roanoke.family/wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=4.0.2
IP
Hash 43a564ce2ccedbd52d2500583e7cd128
5128cfb8c416016eeb64fc32cc088af77ff5f550
50d20293a97a3f5756734cb1d982e14120f8220d4a19868df2d7c501d0924d1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=4.0.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 04 Aug 2022 14:15:20 GMT
etag: W/"62ebd478-17f90"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.483677,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12447
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/bb-theme/skin-6353ef1280dfb.css?ver=1.7.11
200 OK 10 kB URL HTTP/2 roanoke.family/wp-content/uploads/bb-theme/skin-6353ef1280dfb.css?ver=1.7.11
IP
File type ASCII text, with very long lines (57720), with no line terminators
Hash a8dc72d3983b2f0ab3dd4ed2641771e8
bae3a1fe8e01fef801ab20646670e2cdea54c725
81b9b472431624b82bec22ea303c18e545c58ebb1bb4d5cbc8289a18a54860af
GET /wp-content/uploads/bb-theme/skin-6353ef1280dfb.css?ver=1.7.11 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 22 Oct 2022 13:24:34 GMT
etag: W/"6353ef12-e178"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.496579,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 10053
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/business-directory-plugin/themes/default/assets/styles.css?ver=6.2.10
200 OK 390 B URL HTTP/2 roanoke.family/wp-content/plugins/business-directory-plugin/themes/default/assets/styles.css?ver=6.2.10
IP
Hash 9728008883af8a3b064e53fcd51ee1ad
b8b229465e0163413446dd4d852e6e8d944e70c6
c8355a7b0e05a8b9510e87546836fd51aa27c72febc90aaaa79162cf931263cf
GET /wp-content/plugins/business-directory-plugin/themes/default/assets/styles.css?ver=6.2.10 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 17:46:02 GMT
etag: W/"6352dada-406"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.502615,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 390
X-Firefox-Spdy: h2
roanoke.family/wp-content/themes/bb-theme-child/style.css?ver=6.0.3
200 OK 228 B URL HTTP/2 roanoke.family/wp-content/themes/bb-theme-child/style.css?ver=6.0.3
IP
Hash 6f47efebebdd6fc5d7a064d97e96e9e2
d138f9d1ac443806514626ccbf0a3e99a94c1db6
776791082ce219f5e28b192f498735a482e493e307b65d7be1a8935c67b68956
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/bb-theme-child/style.css?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 15 Jan 2020 14:21:36 GMT
etag: W/"5e1f1ff0-147"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.502938,VS0,VE475
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 228
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/simple-social-buttons/assets/js/frontend-blocks.js?ver=4.0.2
200 OK 0 B URL HTTP/2 roanoke.family/wp-content/plugins/simple-social-buttons/assets/js/frontend-blocks.js?ver=4.0.2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/simple-social-buttons/assets/js/frontend-blocks.js?ver=4.0.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 14:15:20 GMT
etag: "62ebd478-0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.503943,VS0,VE477
vary: Authorization, Accept-Encoding
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 0
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.4 kB URL HTTP/2 roanoke.family/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.504400,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 34 kB URL HTTP/2 roanoke.family/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 22b0253c0ecce70e41e296d176b0d972
a161c363d2092739db21bfeb2cf23c980ec71580
181967b7928e133789c8edbb8bdcb73d44a0328d884b613f8ebfb182b4c3c52e
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15db1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.504160,VS0,VE360
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34060
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=4.0.2
200 OK 2.2 kB URL HTTP/2 roanoke.family/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=4.0.2
IP
File type ASCII text, with very long lines (360)
Hash de6c85cebd28d64658f75db5c85dfb94
4f65b6e4897d0fb6b52c7da4902b8d6bd1f28583
b229f95689d246b904fb353fbdd0d048db3b25207ea53fb8c5e222efb9bfccaf
GET /wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=4.0.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 14:15:20 GMT
etag: W/"62ebd478-1d3b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.509992,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2216
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.2.0
200 OK 18 kB URL HTTP/2 roanoke.family/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.2.0
IP
File type C source, Unicode text, UTF-8 text
Hash 741ffbc47eb099f881c239952c712c91
c45a505a0c036a8393f753c44d5de56404a86d41
20932c86c822fd4ef867cc62369966730964789cd1cba566651801f6a9b125cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.2.0 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 04:03:29 GMT
etag: W/"63536b91-16e06"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.514658,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 17670
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/01/e0eb110636aab332fab6593947793b1e5a4f62ed-150x150.jpg
200 OK 7.6 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/01/e0eb110636aab332fab6593947793b1e5a4f62ed-150x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 2511edfb4d96589062d4b601ec703637
21bb29800ccab4a4731d43f9740efe801e82c71b
9cdbd5e566ae1c3160b32b3be0ee5fdd0b9ece96348429c7e5378f9a9cbbb640
GET /wp-content/uploads/2021/01/e0eb110636aab332fab6593947793b1e5a4f62ed-150x150.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 31 Jan 2021 18:30:07 GMT
etag: W/"6016f72f-1dbe"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.540791,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7612
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/bb-plugin/cache/5-layout.js?ver=f6895918ae1f9946b42f470e20892523
200 OK 14 kB URL HTTP/2 roanoke.family/wp-content/uploads/bb-plugin/cache/5-layout.js?ver=f6895918ae1f9946b42f470e20892523
IP
File type Unicode text, UTF-8 text, with very long lines (2443)
Hash 2917d0f99f81657c9726cb134aa54e79
366ffa05f9c4b6dbc2fef3595a41530e9712702a
1b0d4306965853e968ecfb4c6b6ddd02ba560d0abdbdaf57a96cb6597be73938
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/bb-plugin/cache/5-layout.js?ver=f6895918ae1f9946b42f470e20892523 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 13:29:33 GMT
etag: W/"6353f03d-eb34"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.583824,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13615
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/bb-plugin/js/jquery.mosaicflow.min.js?ver=2.6.0.3
200 OK 1.9 kB URL HTTP/2 roanoke.family/wp-content/plugins/bb-plugin/js/jquery.mosaicflow.min.js?ver=2.6.0.3
IP
File type ASCII text, with very long lines (5394), with no line terminators
Hash bc691500bb26b19335fdd8db92ae3f15
ff3162c05e152fdd600a9c74078c1a87c47fbcfb
7c1631a1c11a6e85295ce598d7c61e9c21df59cf1379a7697393d6b5496ba0a0
GET /wp-content/plugins/bb-plugin/js/jquery.mosaicflow.min.js?ver=2.6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 22:02:51 GMT
etag: W/"6353170b-1512"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.583297,VS0,VE478
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1898
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/embedpress/assets/js/front.js?ver=3.5.2
200 OK 3.0 kB URL HTTP/2 roanoke.family/wp-content/plugins/embedpress/assets/js/front.js?ver=3.5.2
IP
Hash ddd403174f1ccfcac2ab904c90ab4a6f
fee159a587c42efafb35198e5287a29d21d2945e
99afc4f85fec7361dccf68f15cd3c5450b0c96ded372dfba37565ee07541bd12
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/embedpress/assets/js/front.js?ver=3.5.2 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 03:09:04 GMT
etag: W/"63535ed0-2540"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 50
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.584208,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2966
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
200 OK 12 kB URL HTTP/2 roanoke.family/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP
File type ASCII text, with very long lines (36560)
Hash 451bc5baa70fdfb648138a320fa3c1cd
8c3f9655750cf7334e4d8b2ed2c219fc32a2c40a
ac5a2b0ef9b2443a4aa4aa8584a3d2e17a95c871b69334b5e0c6e220d9bd28ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-8f87"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 51
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.584655,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12055
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-masonary.js?ver=6.0.3
200 OK 11 kB URL HTTP/2 roanoke.family/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-masonary.js?ver=6.0.3
IP
File type ASCII text, with very long lines (32014), with CRLF line terminators
Hash 96a8748e86f9172f16490e1312014d82
1910d7b4f460b452ccf063e7fd0e96fba62ee051
21fbc39bc425e559edd6a025a7f6c548d271c7db4161fb75e5f1186fd00d9c36
GET /wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-masonary.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 22:04:20 GMT
etag: W/"63531764-89fc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.583441,VS0,VE478
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 10938
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/wp-util.min.js?ver=6.0.3
200 OK 718 B URL HTTP/2 roanoke.family/wp-includes/js/wp-util.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (1305)
Hash 31e7f275636fe6733bafba2b77ce9ec0
9e2f9b8bfc9bf8910f6cc7068ea83ef379c6696f
08685fe4df303f97dd8f256b468000568635d59480e36784a8908a2d18c641e7
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-53c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.585748,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 718
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
200 OK 7.4 kB URL HTTP/2 roanoke.family/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7070cf6c839a09af2a84f926dd2f95e1
2ac5f6312b4cc85f39804d4a61eeb00c2cced58e
ed584ebba9826c2d9fb5078ca275ce47d05b2a9a1f075e7493526fe7fe458c4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-50eb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 50
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.584511,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7442
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3
200 OK 7.7 kB URL HTTP/2 roanoke.family/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3
IP
File type ASCII text, with very long lines (19875), with no line terminators
Hash 66b22edbd74025f18a6925a7f0d21f8f
132886b083e78eb4057bb8c35f5ab72411455f1d
8662072c37ebdfaa846eb41b96158e882e71e1849ffa53014b9a3cd0c1769c95
GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 22:02:51 GMT
etag: W/"6353170b-4da3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.594797,VS0,VE475
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7740
X-Firefox-Spdy: h2
roanoke.family/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
200 OK 14 kB URL HTTP/2 roanoke.family/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
File type ASCII text, with very long lines (43771)
Hash 1047dd6779111ec73736abd71a40fef9
e08643922ce9a1a488f2a72c0341807f59f7528e
d85287eacda4e97356cf1b53ec765e34c8913558d6fb485b334debf78c89a3bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15b64"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.476186,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13906
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/mediaelement/wp-playlist.min.js?ver=6.0.3
200 OK 1.2 kB URL HTTP/2 roanoke.family/wp-includes/js/mediaelement/wp-playlist.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (3431), with no line terminators
Hash 5f530107a62cb814591c70780aafddce
257bd8854ffd38028703729a796ab792f9ede0c9
a72c115a859b6cdd6a4755598fb4ed70122e28f9e31f6e851a51dd6c70509b9a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-playlist.min.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-d67"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.591989,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1228
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3
200 OK 14 kB URL HTTP/2 roanoke.family/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3
IP
File type ASCII text, with very long lines (59119)
Hash 0a194885188e9a881b32f2ec5fc89862
de618328e6cd1b899f8d9fcb87ac1ea0079690f3
acd1a177d91bcea2dc4d71764e5771d12532d24d6211a9d91897cb44776f9c47
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 22:02:48 GMT
etag: W/"63531708-e7a9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.477477,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14273
X-Firefox-Spdy: h2
roanoke.family/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11
200 OK 12 kB URL HTTP/2 roanoke.family/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11
IP
File type ASCII text, with very long lines (39553)
Hash 3ca06003790c90f0694264b3e249811b
baf6f28dfd42dbebd6308a0ff6e4593cb0245c65
d2151ef4b1e1b4c10b1a567e56ff242a6cb1ce3b57383f8d30940db939bfc5a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 13:24:23 GMT
etag: W/"6353ef07-9b01"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.594959,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12327
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/woobox/woobox_requiresdk.js?ver=6.0.3
200 OK 409 B URL HTTP/2 roanoke.family/wp-content/plugins/woobox/woobox_requiresdk.js?ver=6.0.3
IP
File type HTML document, ASCII text, with CRLF line terminators
Hash ef58998ef95a7cb2d416a3903660da4d
347513d2a5c8729c59a8a0e0188b3b2ba309ac93
dd8b22d131ef3389e45ba1788ad7ff4cf52f98ae997b808a78ac53e45d909bda
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woobox/woobox_requiresdk.js?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 14:21:51 GMT
etag: W/"62ebd5ff-2b7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.595539,VS0,VE478
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 409
X-Firefox-Spdy: h2
roanoke.family/wp-includes/css/dashicons.min.css?ver=6.0.3
200 OK 37 kB URL HTTP/2 roanoke.family/wp-includes/css/dashicons.min.css?ver=6.0.3
IP
File type ASCII text, with very long lines (58981)
Hash 004101af9c3befba2e10d525146a727f
077953fb6eed94ca90e8b301ec23fa9d0308587f
1fcba3a13205f4a577119cfebcb57d9c5519956f8e972c7fb8d9ce4fca557206
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-e688"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 49
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.490375,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 36596
X-Firefox-Spdy: h2
roanoke.family/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11
200 OK 23 kB URL HTTP/2 roanoke.family/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11
IP
File type ASCII text, with very long lines (65369)
Hash 51845f410fb1b0eeef58da80c2d44470
9183b6ec9fe49b1f2645940687c557c36448c379
5748dff062f32a83685d0ffde90ab383b77f9ca0f17c0234876c866b6b938371
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 22 Oct 2022 13:24:22 GMT
etag: W/"6353ef06-1da44"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644925.496418,VS0,VE478
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23191
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/01/snowman-150x150.jpg
200 OK 19 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/01/snowman-150x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Macintosh), datetime=2021:01:30 19:52:51], baseline, precision 8, 150x150, components 3\012- data
Hash f081ff9296558b708b6011cd8fcdc8a6
bca0164a5e0bd17c3295e33b57d1a4e55adf7ba7
2c25d80d44ba7a90c7867ca3255dbf09e3e46040cd04cbf11e04cd89b8a4d557
GET /wp-content/uploads/2021/01/snowman-150x150.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sun, 31 Jan 2021 18:30:07 GMT
etag: W/"6016f72f-5993"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.540908,VS0,VE475
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 18762
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/08/LittleGreenHive1-225x300.jpg
200 OK 32 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/08/LittleGreenHive1-225x300.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=Apple, model=iPhone 6s, orientation=upper-left, xresolution=174, yresolution=182, resolutionunit=2, software=14.6, datetime=2021:07:05 16:08:22, hostcomputer=iPhone 6s, GPS-Data], baseline, precision 8, 225x300, components 3\012- data
Hash 63cd3ed9d1d3e82f0b3a342ca5d34b37
b1c50e5a1edb5a12104fdc552baa307679cb5395
88c5c9319f5f18095f63c4dabb23ac90b4a49a806f582a1723eaa1d6ca4cab39
GET /wp-content/uploads/2021/08/LittleGreenHive1-225x300.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 19 Aug 2021 22:06:54 GMT
etag: W/"611ed5fe-88fe"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 10
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.535998,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 32453
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/02/disney-150x150.jpg
200 OK 24 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/02/disney-150x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Macintosh), datetime=2021:02:17 15:23:35], baseline, precision 8, 150x150, components 3\012- data
Hash d733066ac77b6ae5514f94ebbc7d143a
09d1e1ffedd8f08d41cf4bd2bc4e7e00d1aeb7b8
454c6f4b77277b9b67c983996c45b67cedf5849e4850c504b049071d24b5cc98
GET /wp-content/uploads/2021/02/disney-150x150.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 26 Feb 2021 14:45:06 GMT
etag: W/"60390972-6d17"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.540767,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23992
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/10/Screen-Shot-2021-10-27-at-9.27.25-AM-300x219.png
200 OK 161 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/10/Screen-Shot-2021-10-27-at-9.27.25-AM-300x219.png
IP
File type PNG image data, 300 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (160860 bytes)
Hash 6e64b50850ef9ef082be8b2ef263c892
273d96b84bb3d257faf4cef1c6ac9118f0ae0c82
1dcc88af431ca013ffd750cf43736e389338b9708463f1665b168fa51ac8e971
GET /wp-content/uploads/2021/10/Screen-Shot-2021-10-27-at-9.27.25-AM-300x219.png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 27 Oct 2021 13:27:19 GMT
etag: W/"617953b7-27418"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 10
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.536522,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 160860
X-Firefox-Spdy: h2
roanoke.family/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
200 OK 44 kB URL HTTP/2 roanoke.family/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP
File type ASCII text, with very long lines (65266)
Hash 32fe4d57a2e813b3e959e34209158ede
c812df020c7759be5923be493827d859c11c845d
80c68ef081d6e29f7e4aca7f1ef2320da0d45ba3f56a542bb5cb2f6677bb5e9e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-267aa"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.584892,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 43772
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/10/Screen-Shot-2021-10-27-at-9.43.22-AM-300x195.png
200 OK 98 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/10/Screen-Shot-2021-10-27-at-9.43.22-AM-300x195.png
IP
File type PNG image data, 300 x 195, 8-bit/color RGBA, non-interlaced\012- data
Hash 56d59b2bd905ad7141f884d2c766dd9e
bee931b89294d9db97cb20f5b2775cc4cba6a8b7
3a4adb44a7529ebf3b8a501409c1cda1565077fd6560a91d5a56daffc7d8263a
GET /wp-content/uploads/2021/10/Screen-Shot-2021-10-27-at-9.43.22-AM-300x195.png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 27 Oct 2021 13:42:42 GMT
etag: W/"61795752-17f0c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 10
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.533096,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 98108
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2018/05/water-fight-children-water-play-51349.jpeg
200 OK 429 kB URL HTTP/2 roanoke.family/wp-content/uploads/2018/05/water-fight-children-water-play-51349.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1778x1500, components 3\012- data
Size 429 kB (428778 bytes)
Hash 08999aabd2aa73e095998fcd40ca036e
2b0adeacead3e0675c8930c34b0caaa4bf3ecf09
e6b25f832bb2b309540f27d3f89cda7f0ef020cb9960fa5ce828e2c45a6296f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/05/water-fight-children-water-play-51349.jpeg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 04 Oct 2019 02:13:34 GMT
etag: W/"5d96aace-68c12"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 16
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.581621,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 428778
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.imgur.com/min/embed-controller.js
200 OK 2.8 kB URL HTTP/2 s.imgur.com/min/embed-controller.js
IP
File type ASCII text, with very long lines (2809), with no line terminators
Hash 9ed8fe2752ce22d6cdf0488bd3ad0802
25ac19a88d23f2b17b9cee3a5532b92cf64eae87
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50
GET /min/embed-controller.js HTTP/1.1
Host: s.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 15:54:16 GMT
etag: "9ed8fe2752ce22d6cdf0488bd3ad0802"
content-type: application/javascript
accept-ranges: bytes
date: Mon, 28 Nov 2022 14:15:26 GMT
via: 1.1 varnish
age: 59
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669644927.515359,VS0,VE1
vary: Accept-Encoding
content-length: 2809
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2019/04/Cover-apr-19BG.jpg
200 OK 48 kB URL HTTP/2 roanoke.family/wp-content/uploads/2019/04/Cover-apr-19BG.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x944, components 3\012- data
Hash 3e3256e165ca8a5f925b61b0870333d2
dc2c37450a35ae8e3017f8c17cbd3f554f6e7641
18501c399f6cb552e2efb2feff805769040b198852787e206fb0ac63e8b1a8e5
GET /wp-content/uploads/2019/04/Cover-apr-19BG.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/uploads/bb-plugin/cache/5-layout.css?ver=32f3bcad982bcd37b6987f6b3ae4716f
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 04 Oct 2019 02:27:17 GMT
etag: W/"5d96ae05-fa2e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.399208,VS0,VE120
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 47859
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 376355
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:14:39 GMT
expires: Tue, 21 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 579647
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/aleo/v11/c4mg1nF8G8_syLbsxDJJnw.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/aleo/v11/c4mg1nF8G8_syLbsxDJJnw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25184, version 1.0\012- data
Hash 2b11d37c52a63b34b94a9f41d7e44569
8ce6d0ac53a5dcd6a8f88f63d145fc6a1f4a47d3
b8d66ac9fd1ff6e3a9e3bd50dec6c269697787363cdc1e42d1fbb470f1f61ad9
GET /s/aleo/v11/c4mg1nF8G8_syLbsxDJJnw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:42:57 GMT
expires: Wed, 22 Nov 2023 01:42:57 GMT
cache-control: public, max-age=31536000
age: 563549
last-modified: Tue, 19 Apr 2022 18:52:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
roanoke.family/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 roanoke.family/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://roanoke.family/wp-content/plugins/wp-views/vendor/toolset/toolset-common/res/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Fri, 04 Oct 2019 02:43:04 GMT
etag: "5d96b1b8-12d68"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hits: 48
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.430733,VS0,VE121
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 77160
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2020/10/firsthomecare-web.jpg
200 OK 21 kB URL HTTP/2 roanoke.family/wp-content/uploads/2020/10/firsthomecare-web.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Macintosh), datetime=2020:10:09 10:16:45], baseline, precision 8, 300x250, components 3\012- data
Hash b243254a70b594f8f78fef1c8622c540
506306ce0524723c518f9edc33c8388de0cb8bb8
b175461d02c48fae8b0f76a0ab6f79b692913fd32432ceebf2483e3eedc46430
GET /wp-content/uploads/2020/10/firsthomecare-web.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 30 Oct 2020 03:49:55 GMT
etag: W/"5f9b8d63-6ecc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 9
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644927.567142,VS0,VE120
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 20747
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2018/03/RVFMMAG-BANNER-1536x768.jpg
200 OK 44 kB URL HTTP/2 roanoke.family/wp-content/uploads/2018/03/RVFMMAG-BANNER-1536x768.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Macintosh), datetime=2020:01:07 12:38:33], baseline, precision 8, 1536x768, components 3\012- data
Hash f05ae3bbf23502d21f27139b5c740166
78b58b3e4ec7342855efc5b0608210d9a7b66879
26bf36d098a50014468785f77d463d6ebd1b3caf6b0f71a53bf0df3f9f8f753c
GET /wp-content/uploads/2018/03/RVFMMAG-BANNER-1536x768.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 17 Mar 2020 17:39:02 GMT
etag: W/"5e710b36-e5b1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 37
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644927.567517,VS0,VE122
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 43565
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 28 Nov 2022 14:15:26 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3400
Expires: Mon, 28 Nov 2022 15:12:06 GMT
Date: Mon, 28 Nov 2022 14:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3400
Expires: Mon, 28 Nov 2022 15:12:06 GMT
Date: Mon, 28 Nov 2022 14:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3400
Expires: Mon, 28 Nov 2022 15:12:06 GMT
Date: Mon, 28 Nov 2022 14:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3400
Expires: Mon, 28 Nov 2022 15:12:06 GMT
Date: Mon, 28 Nov 2022 14:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3400
Expires: Mon, 28 Nov 2022 15:12:06 GMT
Date: Mon, 28 Nov 2022 14:15:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 59023
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 577b69fd08ad8368ea5a94fe41476c1c
9442f111d329f721ddc55100cd246586d8204048
bdafc5068032dcf5e207cf2685a1b9350dbe8d990ba181520ff47889524532f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8517
x-amzn-requestid: 12456791-0e7f-45d7-97ae-d663c8fa841d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvHHLoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-54ed1ec101789247052c9ec8;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UzzTPZIBjoow9PK-oM9rfGh5HkrivyPDofbTXy-I-9e4_baQnyKVhQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:21:27 GMT
age: 24839
etag: "9442f111d329f721ddc55100cd246586d8204048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 58450
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 21827
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpU6HS6f0BpRceJVfwhBhOgKMTMvdMZj4ST9DMATiqfA10pNplyPtQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 59062
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 58440
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2021/07/05.24_RVFM-2-1536x215.png
200 OK 174 kB URL HTTP/2 roanoke.family/wp-content/uploads/2021/07/05.24_RVFM-2-1536x215.png
IP
File type PNG image data, 1536 x 215, 8-bit/color RGBA, non-interlaced\012- data
Size 174 kB (174369 bytes)
Hash d977b73e10a06e1d79cc6f50dd63670a
cc869ff7c0396f738b43d6c3463ccfd9af36a864
3eb17414105f1a31bb65ceb3e7ecb29f9f1cbf6e26d5128ead222a1fa0874b7d
GET /wp-content/uploads/2021/07/05.24_RVFM-2-1536x215.png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 13 Jul 2021 00:26:26 GMT
etag: W/"60ecddb2-2af8b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 1
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644927.568461,VS0,VE121
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 174369
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2018/05/northcross.jpg
200 OK 35 kB URL HTTP/2 roanoke.family/wp-content/uploads/2018/05/northcross.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash b00b2ec33575f931911524b7c2ef80ed
25296a39b917dd42eea3c02d5a2ec34107d9b4f6
e80255bbead3117413f1f173ef236e84aa9488068fbe8cd693a2d1831738ae8e
GET /wp-content/uploads/2018/05/northcross.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 04 Oct 2019 02:14:18 GMT
etag: W/"5d96aafa-8936"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 10
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644927.573694,VS0,VE120
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 35001
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2022/10/Oct22.jpg
200 OK 213 kB URL HTTP/2 roanoke.family/wp-content/uploads/2022/10/Oct22.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x988, components 3\012- data
Size 213 kB (213264 bytes)
Hash 670b08a0dccbf13833f928ea028b5ea4
39c1bde949681786bba8ea7986aa2bd1d1add082
f45942b27f14b4faa9325f02489e1986c928e31b29dccde614aee77a63eabf34
GET /wp-content/uploads/2022/10/Oct22.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 22 Oct 2022 13:26:46 GMT
etag: W/"6353ef96-34ac3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 11
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644927.573538,VS0,VE120
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 213264
X-Firefox-Spdy: h2
roanoke.family/wp-content/uploads/2020/08/Roanoke-Kids-Issue-20-min-1.jpg
200 OK 273 kB URL HTTP/2 roanoke.family/wp-content/uploads/2020/08/Roanoke-Kids-Issue-20-min-1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x1575, components 3\012- data
Size 273 kB (272663 bytes)
Hash d30f5006cc69541c14ce3bd47397b1f9
8c94c46c7f88a81b63e0b6232b4599e9776330ad
ba1e7a462a45eb887c63d236dea700eff5a0b6d9dff1330ac4526ff48acbd39c
GET /wp-content/uploads/2020/08/Roanoke-Kids-Issue-20-min-1.jpg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 26 Aug 2020 20:23:57 GMT
etag: W/"5f46c4dd-457e0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 8
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:26 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644927.573511,VS0,VE120
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 272663
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=37846
date: Mon, 28 Nov 2022 14:15:27 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4334
Cache-Control: max-age=121910
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:07:17 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6434
Cache-Control: max-age=124010
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:42:17 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
platform.twitter.com/widgets.js
200 OK 29 kB URL HTTP/2 platform.twitter.com/widgets.js
IP
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 2df2f01e0c50f93a363cd2121f336b8e
f2c4d94859575123d0b1056f0338982eb094c60f
2cf6d15fc44a8c4387114a5a20174ae75515d43840cde361e64bf1a75e676585
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 19:43:37 GMT
cache-control: public, max-age=1800
content-type: application/javascript; charset=utf-8
etag: "6633f9603c759c40d9b200995454f17c+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 28 Nov 2022 14:15:27 GMT
x-served-by: cache-iad-kcgs7200106-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 29221
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4334
Cache-Control: max-age=121910
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:07:17 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash fb159bf00e3070987d28259c1f8dfad6
20e7517b8b7d122f9e64a41423da40d4b197969e
7dcc90cf7a95b54a0af96b7678b1296a6c3c6d985fba7890aba7b44929b69dc7
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 38b73dd86e24ecbab000244229623f52
etag: "7f11dc81a57d9c28ddffe54ba7740572"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 28 Nov 2022 14:24:07 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: +xWb8A4wcJh9KCWcH4361g==
x-fb-debug: gjKg4tEZ4A/v3cRtktuxIBA+xkIMM3TKYIkkPl5SRvOT3EjmTCkucKG93ixVsCUvT40WXii/OAuk5rWxMdjNcg==
content-length: 1687
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 14:15:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 12:41:08 GMT
expires: Mon, 28 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 5659
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 0RlFZ6rzCCeOWI5OItq/+ZJtWnpj7PVVCrdEC0v1ABAT4WmYORucQDt1hTzbMJAR4z+tkAEpXwkoPQPPCyM00g==
content-length: 27340
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 14:15:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
roanoke.family/favicon.ico
404 Not Found 106 B URL HTTP/2 roanoke.family/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 41e26d195447e282a13a3219d61c130c
4eb09944c10ac39f6adeebb6be44c8a1d732bc79
f9ed0f2922c4344a8b293d792c2d81fa68e568256170dbed363adb679d1e7783
GET /favicon.ico HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Cookie: pys_session_limit=true; pys_start_session=true; __atuvc=1%7C48; __atuvs=6384c27e33e77188000; _gcl_au=1.1.580872163.1669644926; pys_first_visit=true; pysTrafficSource=direct; pys_landing_page=https://roanoke.family/; last_pysTrafficSource=direct; last_pys_landing_page=https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 1
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 28 Nov 2022 14:15:27 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644927.165179,VS0,VE121
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 106
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/994247477/?random=1669644926310&cv=11&fst=1669644926310&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&did=dZTNiMT&gdid=dZTNiMT&auid=580872163.1669644926&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 923 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/994247477/?random=1669644926310&cv=11&fst=1669644926310&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&did=dZTNiMT&gdid=dZTNiMT&auid=580872163.1669644926&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2017), with no line terminators
Hash d1ff0668844579fa82d5140a16ddd232
065dfb036441ddb0bf980fffce77f48fec0f66ee
c1e586b96c373c7554d66cc2b1a78a46a5ab6f606b497aada6eabe2d5706745e
GET /pagead/viewthroughconversion/994247477/?random=1669644926310&cv=11&fst=1669644926310&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&did=dZTNiMT&gdid=dZTNiMT&auid=580872163.1669644926&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 14:15:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 923
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Nov-2022 14:30:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6434
Cache-Control: max-age=124010
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:42:17 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
m.addthis.com/live/red_lojson/300lo.json?si=6384c27ee196b8d9&bkl=0&bl=1&pdt=1300&sid=6384c27ee196b8d9&pub=ra-5ab2a9ca6abacc1e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=roanoke.family&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669644926135&jsl=1&uvs=6384c27e33e77188000&skipb=1&callback=addthis.cbs.jsonp__25110061682990850
200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6384c27ee196b8d9&bkl=0&bl=1&pdt=1300&sid=6384c27ee196b8d9&pub=ra-5ab2a9ca6abacc1e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=roanoke.family&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669644926135&jsl=1&uvs=6384c27e33e77188000&skipb=1&callback=addthis.cbs.jsonp__25110061682990850
IP
File type ASCII text, with no line terminators
Hash 315996237f1835f7765ba5c3f37242d4
3277dd506c43e64fea6a179e2d3b0dd21b24d75d
ee63f0c6678086692d13b7c743dc3cf6e0c47a1be5299b9a3283547ace274aac
GET /live/red_lojson/300lo.json?si=6384c27ee196b8d9&bkl=0&bl=1&pdt=1300&sid=6384c27ee196b8d9&pub=ra-5ab2a9ca6abacc1e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=roanoke.family&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669644926135&jsl=1&uvs=6384c27e33e77188000&skipb=1&callback=addthis.cbs.jsonp__25110061682990850 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 28 Nov 2022 14:15:27 GMT
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9936903133555250
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9936903133555250
IP
File type ASCII text, with very long lines (4885)
Hash 5c17801a1512e54c381e946ad18a7670
6e47c4e8789080ac576eae6367c3323c35782aa6
0fcb125299903a26c4ec6b616eb9551c5ab89699997c24aaff5cf54efb7c8a9b
GET /pagead/js/adsbygoogle.js?client=ca-pub-9936903133555250 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 14:15:27 GMT
expires: Mon, 28 Nov 2022 14:15:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12424335335194932539
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (4885)
Hash 163afbcbde1a7cce3ae6f7ba84a103ba
55822e9e776306bf2693ed69d877f5584a7d7cb9
cd9fef3976ddd062ed503eebfbad2af0bf6245983e69573c60854e9aeb92cc72
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 14:15:27 GMT
expires: Mon, 28 Nov 2022 14:15:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5030223594875485658
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.cityspark.com/api/widgets/widgetinfo?wid=9926&callback=jsonp1669645403254
200 OK 5.7 kB URL HTTP/1.1 p.cityspark.com/api/widgets/widgetinfo?wid=9926&callback=jsonp1669645403254
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (29082), with no line terminators
Hash 8d92eccb7446795dd4212babbefcba70
4b2ecf405f5f989916ae7b7df06a461a3fe91288
12f7ff37a88ef22a55bf7a4a003d62263bc7cc922009c06081de99e635b98c36
GET /api/widgets/widgetinfo?wid=9926&callback=jsonp1669645403254 HTTP/1.1
Host: p.cityspark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 28 Nov 2022 14:15:26 GMT
Server: Microsoft-IIS/10.0
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: ASP.NET
v1.addthisedge.com/live/boost/ra-5ab2a9ca6abacc1e/_ate.track.config_resp
200 OK 531 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5ab2a9ca6abacc1e/_ate.track.config_resp
IP
File type ASCII text, with very long lines (1525), with no line terminators
Hash 36f6716e2b0641714850ed61788adeb2
a369be4eb533893a7507dc1ab50f30201fae663a
9e19739d37e7896c98238291b591dc9bb3da0f36bce9b2fc4a2a1d2084576faa
GET /live/boost/ra-5ab2a9ca6abacc1e/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 531
etag: 410828527--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Mon, 28 Nov 2022 14:15:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=c749cd4774820537a1ab3e66d255e01a
200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=c749cd4774820537a1ab3e66d255e01a
IP
File type ASCII text, with very long lines (13192)
Hash 4b15884b463a3449efb0456d2568708d
428fed5291ab48745ddb30dcd59ab2303e53e9b4
9d6b290555cbbb3d4041bbc7f215c8bb30b21745089373b6e0f486d0b43cbd3f
GET /en_US/sdk.js?hash=c749cd4774820537a1ab3e66d255e01a HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c5259359e04c61f036315685764fa10e
etag: "2dc9603c691e36dcf6e29d00cabd6c14"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 28 Nov 2023 11:19:23 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: SxWIS0Y6NEnvsEVtJWhwjQ==
x-fb-debug: RIbYtK1dS1RDvj21sEaQQ6Il5r4h+yITsiK7Uc3oJWcyOyZJeoWhEfAdjqbZh6idev7UrC6p5fbk39bQ6Hv3XA==
priority: u=3,i
content-length: 86899
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 14:15:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/994247477/?random=1669644926310&cv=11&fst=1669644000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2129051509&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/994247477/?random=1669644926310&cv=11&fst=1669644000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2129051509&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/994247477/?random=1669644926310&cv=11&fst=1669644000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2129051509&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 14:15:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/994247477/?random=1669644926310&cv=11&fst=1669644000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2129051509&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/994247477/?random=1669644926310&cv=11&fst=1669644000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2129051509&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/994247477/?random=1669644926310&cv=11&fst=1669644000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Froanoke.family%2F&tiba=Roanoke%20Valley%20Family%20%E2%80%93%20Southwest%20%26%20Central%20Virginia%27s%20Premier%20Family%20Resource&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2129051509&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 14:15:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Mon, 28 Nov 2022 14:15:27 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
200 OK 38 kB URL HTTP/2 cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
IP
File type ASCII text, with very long lines (32053)
Hash 643fb6a40caf588ccfee9c677bd9faab
5119949e4458927eaf0983b4f40e7d2beffe10f8
02e1be2ef5fc31e7df921ff3a924c022c246f7d72208411f7a26eea3b44bd4a4
GET /g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js) HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 14:15:27 GMT
age: 2965589
x-served-by: cache-fra-eddf8230130-FRA, cache-bma1643-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38019
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 86 kB IP
File type gzip compressed data, from Unix\012- data
Hash 548d58f927c90537d4dd54756ec3371e
801e5489c8931dd5b8315f42db18a097debf868f
81e0576e82d58751f5d070f2870a61dc16c2377f28212e82143d718cc6b2d4b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 3079eb96de1f9a1d2e6fd1c7364f23ca
7e65c1b6cbf8d8bede2c6e5f211d94a538774c89
97a0b7ec69959f2ab2b01cff457367770a4030599deba7d21fe422d17c8199cb
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 14:15:27 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "47A04A9B41E8FD13168BD75A9F5EA8D312679F22"
Expires: Tue, 29 Nov 2022 02:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 434
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7713b73d2dc40b59-OSL
csp.azureedge.net/cdn/js/rad.js
200 OK 1.9 kB URL HTTP/2 csp.azureedge.net/cdn/js/rad.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (428), with CRLF line terminators
Hash fd9246e206484a854f77da5adc6a63a8
22c684c0b596f17ff89b19706f8e6ca0a2c3f9ec
9dfeb75d57162b33dedb18bf17935ebc01c5efb17af52ff84e1d0a8cf704a740
GET /cdn/js/rad.js HTTP/1.1
Host: csp.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "1d8a39c948e3aea"
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
content-length: 1892
date: Mon, 28 Nov 2022 14:15:27 GMT
X-Firefox-Spdy: h2
csp.azureedge.net/cdn/js/jquery.fireSlider.min.js
200 OK 4.4 kB URL HTTP/2 csp.azureedge.net/cdn/js/jquery.fireSlider.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13428), with CRLF line terminators
Hash ad6beece809bd22c248b6dfee9a86699
d3985fa78f341874281c6f4eb9a690db61ae565b
77d9f3bc65b3f08743124f56c39fbe14aa0f91017acdfdad6bb0d613e0a47b87
GET /cdn/js/jquery.fireSlider.min.js HTTP/1.1
Host: csp.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4442
content-type: application/javascript
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "1d8a39c948e1d53"
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
date: Mon, 28 Nov 2022 14:15:27 GMT
X-Firefox-Spdy: h2
csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
200 OK 1.7 kB URL HTTP/2 csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4033), with no line terminators
Hash ccd0324b126b0d222502be4f8c2f60b2
dbb3d183ff4d934b20ca13fb712dbcc168ff1f04
18b3f104e11a9b3a0474a94bbb268c8b40968068e7d0ef5a8fb2cc734a6a53ec
GET /cdn/widget/WidgetTemplate2.min.css?v=2 HTTP/1.1
Host: csp.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 1712
content-type: text/css
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "1d8a39c948e2641"
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
date: Mon, 28 Nov 2022 14:15:27 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 8560c8978b5df3ffb0c739a02eb02809
1d58e4af1ab7ba382e294ffca6d51990482a6e5c
1da7a37c7026d5bd7be4ca342e9d0376a7abbaf742031962b3b79ebd4c2c3a73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 661
Cache-Control: max-age=140520
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Etag: "638441d2-139"
Expires: Wed, 30 Nov 2022 05:17:27 GMT
Last-Modified: Mon, 28 Nov 2022 05:06:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
www.facebook.com/tr/?id=1433006283425073&ev=PageView&dl=https%3A%2F%2Froanoke.family%2F&rl=&if=false&ts=1669644927086&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669644927085.976521303&it=1669644926730&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1433006283425073&ev=PageView&dl=https%3A%2F%2Froanoke.family%2F&rl=&if=false&ts=1669644927086&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669644927085.976521303&it=1669644926730&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1433006283425073&ev=PageView&dl=https%3A%2F%2Froanoke.family%2F&rl=&if=false&ts=1669644927086&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669644927085.976521303&it=1669644926730&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Nov 2022 14:15:27 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 415298
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=a844ed6e0f5d8523f20cf4c1200fba13d0999b3f
200 OK 374 B URL HTTP/2 syndication.twitter.com/settings?session_id=a844ed6e0f5d8523f20cf4c1200fba13d0999b3f
IP
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
GET /settings?session_id=a844ed6e0f5d8523f20cf4c1200fba13d0999b3f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 14:15:27 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 14:15:27 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: 5000185bc9c6133b
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: e122da36d35e32fcc25570c2196b5edb473ff15a23eca4295a82affa57787c79
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&cb=1669644927090&dep=2%2CPAGE_LOAD
200 OK 377 B URL HTTP/2 ct.pinterest.com/user/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&cb=1669644927090&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash f6314a3333f750a090b7d16565b63b62
b071e68a3c67319a26ff36cd8a2758cc69e72377
341b6a8e9fc8f0cd98feb8442e1c01f066cf2b220749842c5be46d65786c3085
GET /user/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&cb=1669644927090&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU9XRmlaV0U0TnpNdE1ETmtOaTAwTW1Nd0xXRTVOREF0WTJRd01UaGxNakprTVRnMw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://roanoke.family
content-type: application/json; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 3234087072247411
date: Mon, 28 Nov 2022 14:15:27 GMT
x-cdn: fastly
content-length: 377
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Froanoke.family%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669644927091
400 Bad Request 0 B URL HTTP/2 ct.pinterest.com/v3/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Froanoke.family%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669644927091
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Froanoke.family%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669644927091 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1028023263301449
date: Mon, 28 Nov 2022 14:15:27 GMT
x-cdn: fastly
content-length: 0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:51 GMT
expires: Thu, 23 Nov 2023 18:51:51 GMT
cache-control: public, max-age=31536000
age: 415416
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 22:17:43 GMT
expires: Wed, 22 Nov 2023 22:17:43 GMT
cache-control: public, max-age=31536000
age: 489464
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
200 OK 2.0 kB URL HTTP/2 csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 2012, version 0.0\012- data
Hash 048622ad5b090dece3de399c32ec24da
111550df68ea99c5458b15d0a7085436fa6e5fae
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
GET /cdn/widget/fonts/icomoon.woff?-35bf HTTP/1.1
Host: csp.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://csp.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2012
content-type: application/font-woff
server: Microsoft-IIS/10.0
accept-ranges: bytes
access-control-allow-origin: *
etag: "1d8a39c948e2e5c"
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
x-powered-by: ASP.NET
date: Mon, 28 Nov 2022 14:15:27 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=roanoke.family
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=roanoke.family
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=roanoke.family HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 14:15:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=roanoke.family&callback=_gfp_s_&client=ca-pub-9936903133555250&gpid_exp=1
200 OK 925 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=roanoke.family&callback=_gfp_s_&client=ca-pub-9936903133555250&gpid_exp=1
IP
File type ASCII text, with very long lines (395)
Hash 00fa71fb61c994c2cc28e873ac541d01
7fb25ce715005652514db01e4793969e854b3184
98f85d7eae8dc81681cbfafae0a96ca9d2ec8435b952450fb6ceffc8b825cedf
GET /gampad/cookie.js?domain=roanoke.family&callback=_gfp_s_&client=ca-pub-9936903133555250&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 14:15:27 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=roanoke.family
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=roanoke.family
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=roanoke.family HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 14:15:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 11b6b91126d74e2499068a555fd36c7e
67f2cc439bfa8f3d5c1e7bfd885186d7512d59ef
e0a0e355fc504f2e47a2fe27010a9788cf56c96512a1ebf69690884788423cd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6597
Cache-Control: max-age=106878
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:27 GMT
Etag: "6383a738-1d7"
Expires: Tue, 29 Nov 2022 19:56:45 GMT
Last-Modified: Sun, 27 Nov 2022 18:06:48 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel/p-uq0GLFySb_d1T.gif HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 14:15:27 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6384c27f-e1b93-59283-98d4e; expires=Fri, 29-Dec-2023 14:15:27 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
200 OK 323 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 7554667317550230
date: Mon, 28 Nov 2022 14:15:28 GMT
x-cdn: fastly
content-length: 323
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash afdcfc5f3bd741d114596300d607f4cc
e82ea5829078ad9268cdf9c576c780b1c40c3696
1c80e7d28c6303b65a17bfa822163c5af3d6d5c480ee9f2e404b23119520eeb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 14:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 28 Nov 2022 14:15:28 GMT
expires: Mon, 28 Nov 2022 14:15:28 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 05:45:03 GMT
expires: Tue, 28 Nov 2023 05:45:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 30625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e615cdc2e330b5cf76435abce9aa631a
71f737c3cee7766494157cd6491ce247a785c09e
853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:55:54 GMT
age: 8379
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A600%2C300%2C400%2C700%7COswald%3A300%2C200%2Cnormal%2C600%7CAleo%3A700&ver=6.0.3
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A600%2C300%2C400%2C700%7COswald%3A300%2C200%2Cnormal%2C600%7CAleo%3A700&ver=6.0.3
IP
GET /css?family=Open+Sans%3A600%2C300%2C400%2C700%7COswald%3A300%2C200%2Cnormal%2C600%7CAleo%3A700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 14:15:25 GMT
date: Mon, 28 Nov 2022 14:15:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Froanoke.family
200 OK 0 B URL HTTP/2 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Froanoke.family
IP
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Froanoke.family HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 19:36:59 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 28 Nov 2022 14:15:27 GMT
x-served-by: cache-iad-kiad7000167-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105445
X-Firefox-Spdy: h2
roanoke.family/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=4.1.0
200 OK 0 B URL HTTP/2 roanoke.family/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=4.1.0
IP
GET /wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=4.1.0 HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 13:59:19 GMT
etag: W/"62ebd0b7-2ab2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 52
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Mon, 28 Nov 2022 14:15:25 GMT
x-served-by: cache-bma1636-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1669644926.515011,VS0,VE478
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2325
X-Firefox-Spdy: h2
151.101.130.159
23.38.200.123
151.101.84.193
91.228.74.244
104.17.25.14