r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7754
Expires: Tue, 21 Mar 2023 09:40:33 GMT
Date: Tue, 21 Mar 2023 07:31:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14275
Expires: Tue, 21 Mar 2023 11:29:14 GMT
Date: Tue, 21 Mar 2023 07:31:19 GMT
Connection: keep-alive
www.midwayestates.com/wp-content/plugins/add-to-any/tim/adobe/login.html
173.230.139.99301 Moved Permanently 185 B URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/add-to-any/tim/adobe/login.html
IP 173.230.139.99:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 55ddfe7044cf0f3a257edb0ddeb20fb5
8998d4bf7cf3fcda93986d8451ac35410a840cd8
3e11dd6b24715dd0503dcf35302d987848f748ec38c686b8a11e575a12b6b254
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-any/tim/adobe/login.html HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:19 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.midwayestates.com/wp-content/plugins/add-to-any/tim/adobe/login.html
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9062
Expires: Tue, 21 Mar 2023 10:02:21 GMT
Date: Tue, 21 Mar 2023 07:31:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 07:14:57 GMT
content-type: application/json
age: 982
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RZTyStxHg4NH4BKQkCe6gRmb5O5219WIsQGmZhUiySG1Bck3ZQSie6LeeXzBoyKyyr+t9twAZVg=
x-amz-request-id: 8QG2JTXM4DC8YE55
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 06:53:05 GMT
age: 2294
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 07:31:19 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 07:17:22 GMT
age: 837
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3008e894f13d63bad3a07c7b2686133
b1ba8e270c474af449510455b317db05876ede8e
564d2fecbab29c33148dec6837602390df7cdff1fa6423ee8c7364d56d0d7e56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "564D2FECBAB29C33148DEC6837602390DF7CDFF1FA6423EE8C7364D56D0D7E56"
Last-Modified: Mon, 20 Mar 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Tue, 21 Mar 2023 13:30:20 GMT
Date: Tue, 21 Mar 2023 07:31:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7743
Expires: Tue, 21 Mar 2023 09:40:23 GMT
Date: Tue, 21 Mar 2023 07:31:20 GMT
Connection: keep-alive
www.midwayestates.com/wp-content/plugins/add-to-any/tim/adobe/login.html
173.230.139.99301 Moved Permanently 0 B URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/add-to-any/tim/adobe/login.html
IP 173.230.139.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-any/tim/adobe/login.html HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: https://www.midwayestates.com/
push.services.mozilla.com/
35.164.183.14101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TZJDW293taIvdPXoFusMJw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x0YaQbyKoIVoBWXMLSuLtyGDdR8=
www.midwayestates.com/
173.230.139.99200 OK 44 kB IP 173.230.139.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (25581)
Hash cc2c15d3991e2c9d67a755f27337db76
4b5ac80bf1e2c9c4beb22c267daf5d5683f72f33
2cd1155f4e4a8367e846b3e02047e7de4c32afe3e2e85cf22576cd941f3e9487
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.midwayestates.com/wp-json/>; rel="https://api.w.org/", <https://www.midwayestates.com/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://www.midwayestates.com/>; rel=shortlink
Cache-Control: no-cache
Last-Modified: Tue, 21 Mar 2023 02:31:21 GMT
WPO-Cache-Status: saving to cache
Content-Encoding: gzip
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7878
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 07:31:21 GMT
Connection: keep-alive
www.midwayestates.com/wp-content/et-cache/1/65/23/et-divi-dynamic-23.css?ver=1679091361
173.230.139.99200 OK 24 kB URL HTTP/1.1 www.midwayestates.com/wp-content/et-cache/1/65/23/et-divi-dynamic-23.css?ver=1679091361
IP 173.230.139.99:0
File type ASCII text, with very long lines (9922)
Hash 854b75e8609cb7dbe583960a97ccbefd
9a337d4705c00499abf39bd93a7d4d1536f9f829
92b58d2acc9a496189c23b48e1bde7e98b1cf83bd3d0224ed762bcb77147ce25
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/1/65/23/et-divi-dynamic-23.css?ver=1679091361 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 23823
Last-Modified: Fri, 17 Mar 2023 22:16:01 GMT
Connection: keep-alive
ETag: "6414e6a1-5d0f"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7878
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 07:31:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83b411d866428669d03b1976161389e7
7ea69307d21876d48217e4845204c7cc84db101e
461a26b9fcda639f3935a9355cbe12f49a17e4eb754281fa9468317ec40eccce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9160
x-amzn-requestid: 8f8a7d81-ac5e-4992-a0cf-95b3c9791bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEW3qFRnIAMFZBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641804fd-64acec7844b88457144b35ce;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:02:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DukK8fFtnkEZTkcz6-n6ZU1lnhBsXSZa27_76Hvwgh8hQ-eYewoB9g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 12:50:23 GMT
age: 67258
etag: "7ea69307d21876d48217e4845204c7cc84db101e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7878
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 07:31:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: d81ObS_T4QBMAr1KU_lJ1hJC4FMqpJNCreDNuU481S4RZo3aQxMkaQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 07:20:22 GMT
age: 659
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0e2bcb0494bb5b0434a6b8c5276de8ff
33642ec68ca683dae156e15ee7449f8fecbfcd80
6921a091b2b19492a76cf3723b72c6966cb85751cabebbe2056a167994425414
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8599
x-amzn-requestid: f213c7c9-3dd9-4d20-8c46-742c3650dcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGXKZFD6oAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d242-592c030e6760816b2d4f01f9;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: BOHK8DbdtREptv5xcR1VW-Hz0vV6tKyocLZHftBr6doO64Jkd7mUig==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:00 GMT
age: 34761
etag: "33642ec68ca683dae156e15ee7449f8fecbfcd80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0e5cb0b321323913460ba1efd6b7b63
701eb0eb86c6673bbb6e85cf933bea53187b6048
150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AiPPel5fJZ56l-XoDAdJnwrcvrSU1bIO6365983POkVVXhlCnSK7Yg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 13:26:29 GMT
age: 65092
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7878
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 07:31:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59df3b8c484422b14b057fddfd99beb3
d7347bcac5fc585b802d9be262c9536d0f72a498
c05014345e897447f7bdcc3b7d267137bbf76758e8fecfbabcb20d09889769f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6632
x-amzn-requestid: e51ff988-1417-4d22-8540-82914428fdcd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFaIHZ8IAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5da-744c064c55ad8d3401855d0f;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FsFKERMeCkoD4DFnD-sjKYiRB8izHSQszlkxg7L7jaBgGy4ASvpkkQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 12:37:46 GMT
age: 68015
etag: "d7347bcac5fc585b802d9be262c9536d0f72a498"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 33861
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-ZD78G3NY4Q
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-ZD78G3NY4Q
IP 142.250.74.168:0
File type ASCII text, with very long lines (19390)
Hash 654f16785a7b5a4a3e691d284d608d17
335388c032c36e39edfa784d73fb83d6e6f714ad
75b660e14be5795ae85f3fb5a2c7a1de93e07e0d34e3b2e961bfaca0facce2aa
GET /gtag/js?id=G-ZD78G3NY4Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 07:31:21 GMT
expires: Tue, 21 Mar 2023 07:31:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/plugins/flip-cards-module-divi/styles/style.min.css?ver=0.9.4
173.230.139.99200 OK 2.5 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/flip-cards-module-divi/styles/style.min.css?ver=0.9.4
IP 173.230.139.99:0
File type ASCII text, with very long lines (2491), with no line terminators
Hash 5cbdf141b5cd20aeba67e6bab5db78f7
7605f6d767054f68c9d2e381ac4ebcdb0984ca89
13161620ac821e80048f8b8c4ebb6aeffdf87950d1b93317998ecf1a77bef0d9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/flip-cards-module-divi/styles/style.min.css?ver=0.9.4 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 2491
Last-Modified: Mon, 20 Jun 2022 19:27:48 GMT
Connection: keep-alive
ETag: "62b0ca34-9bb"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/et-cache/1/65/23/et-core-unified-deferred-23.min.css?ver=1679091362
173.230.139.99200 OK 11 kB URL HTTP/1.1 www.midwayestates.com/wp-content/et-cache/1/65/23/et-core-unified-deferred-23.min.css?ver=1679091362
IP 173.230.139.99:0
File type ASCII text, with very long lines (11065), with no line terminators
Hash 5b544e6b6442d750287f702899979e10
d72d3504237429cf3d7442752a219cdf94902fe1
c160ec91044f1fba06535bc56efe50724297a042baab5d9da15dbfc6be252974
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/1/65/23/et-core-unified-deferred-23.min.css?ver=1679091362 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 11065
Last-Modified: Fri, 17 Mar 2023 22:16:02 GMT
Connection: keep-alive
ETag: "6414e6a2-2b39"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/css/ddp-admin-vb.css?ver=6.1.1
173.230.139.99200 OK 6.1 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/css/ddp-admin-vb.css?ver=6.1.1
IP 173.230.139.99:0
Hash 63ab3205f5081b0bc7d0d638834dc81a
02836f109bdfbb87c0cb0d618dd4a01668a1e473
db5e6c166b947c456fe7fc5b18bef25c796fdb34f861a016da44e15aaea350ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/css/ddp-admin-vb.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 6082
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-17c2"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.19
173.230.139.99200 OK 5.7 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.19
IP 173.230.139.99:0
File type ASCII text, with very long lines (681)
Hash 00e7963b92387d2483ebe810f453d32e
bdcde0805e6a1dbc1513e1365486ad7ead26de38
306a340d77c015bebd34348e2df7636595f40e1fc50273d1a4cba9321d5e82ce
GET /wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.19 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 5732
Last-Modified: Fri, 17 Mar 2023 02:07:23 GMT
Connection: keep-alive
ETag: "6413cb5b-1664"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
173.230.139.99200 OK 374 B URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP 173.230.139.99:0
Hash 73d29ecb3ae4eb2b78712fab3a46d32d
05ea352ab14ccf04386a4c7d112ad4fec944d551
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 374
Last-Modified: Tue, 25 May 2021 12:37:26 GMT
Connection: keep-alive
ETag: "60acef86-176"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/themes/divi-child/style.css?ver=4.20.2
173.230.139.99200 OK 7.3 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/divi-child/style.css?ver=4.20.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (348)
Hash d8b144bc97d7284ed9bd05d97d5de695
7583daf8558d4ddf399428065e51afea9aab713d
9b4d91cafdad00d2e7cb1457bcb0ce72256b9ec94c3fb0cf153733702055e166
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/divi-child/style.css?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 7309
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-1c8d"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/js/clipboard.min.js?ver=6.1.1
173.230.139.99200 OK 11 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/js/clipboard.min.js?ver=6.1.1
IP 173.230.139.99:0
File type Unicode text, UTF-8 text, with very long lines (10809)
Hash 3e5e0fa949e0e7c5ed5fed7b4cc0ee00
a9e688f0c2654629d12630db3211a94f75a22cb6
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/js/clipboard.min.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: application/javascript
Content-Length: 10917
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-2aa5"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.1.1
173.230.139.99200 OK 56 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (359), with CRLF line terminators
Hash b735a3282c0f25c8c75bc17bdb493cac
76a1812b734980f28cb5ed332e2ef032c438214e
da90d4c2844bfbd3be4b338db0624c1b150e122eac6c66629b143a3ae41bf21f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 55630
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-d94e"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.css?ver=6.1.1
173.230.139.99200 OK 4.3 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.css?ver=6.1.1
IP 173.230.139.99:0
Hash 7a079312c5fb8bdacd88c250f11975bd
995b2777c2dd173bd4d0af2f1e4ed87cfcfe53e5
c80469fea8961fcdf7e7a38f8ac6844c995f6924f94bb9f23dd2f28a1bcff436
GET /wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 4289
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-10c1"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/css/falkor-footers.css?ver=6.1.1
173.230.139.99200 OK 22 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/css/falkor-footers.css?ver=6.1.1
IP 173.230.139.99:0
Hash b39421d273f2aff2198ded2604f84e2b
572f2e1c2ff5b7e7308fb50e45f8e479f174a67e
916b3f99cb21a3f006465bc4867cb1d68c5b35f0be91f0b91369df62bde86a01
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/falkor/css/falkor-footers.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 22391
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-5777"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/js/jquery.alphanum.js?ver=6.1.1
173.230.139.99200 OK 25 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/js/jquery.alphanum.js?ver=6.1.1
IP 173.230.139.99:0
File type Unicode text, UTF-8 text, with very long lines (2787)
Hash a2ba72de94b612635064251b23b6a3e7
4cbd372d3f564c63f6709f146b9cabad1f14976e
d389b5907cf6ba29eb5903f73e1833c62eab82e9917f36ff612560860d0c5bca
GET /wp-content/plugins/ddpro/js/jquery.alphanum.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: application/javascript
Content-Length: 25030
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-61c6"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/css/falkor-headers.css?ver=6.1.1
173.230.139.99200 OK 16 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/css/falkor-headers.css?ver=6.1.1
IP 173.230.139.99:0
Hash 224752e2e0b82de03cf1c40c10047674
0d2e29e3b4949821776c5966b99326fc5c015d5e
23564ffd832f790c26dfa4b6404d7c8ce28d759c4848c6dec32709bd62bf01c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/falkor/css/falkor-headers.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 15809
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-3dc1"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/css/falkor-home-pages.css?ver=6.1.1
173.230.139.99200 OK 16 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/css/falkor-home-pages.css?ver=6.1.1
IP 173.230.139.99:0
Hash 414b539a1561b7cfb47dbc458efc348f
3103331c43b8ce93eba08ee1a75c0c2e2a31424b
a6d5474d6390195d9361c2097a91d537f1af32d833cb91ea93f9b92e5ea8ab70
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/falkor/css/falkor-home-pages.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 15891
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-3e13"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.19
173.230.139.99200 OK 129 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.19
IP 173.230.139.99:0
Size 129 kB (128983 bytes)
Hash f3bd90ed9190418715605b8aaa05debd
5ef128434040cdc17b99048da8c56287894ed542
e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.19 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: text/css
Content-Length: 128983
Last-Modified: Fri, 17 Mar 2023 02:07:23 GMT
Connection: keep-alive
ETag: "6413cb5b-1f7d7"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/js/ddp-admin.js?ver=6.1.1
173.230.139.99200 OK 55 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/js/ddp-admin.js?ver=6.1.1
IP 173.230.139.99:0
Hash 0bf559bd8a770ce17ba8a0cf7dd98dfb
ffbcfce4bbc19da7e346f06c5be5f3aada684749
7bfe672b871500dbad604521e4780f42eed3481f17ccc5f0041237672265a12b
GET /wp-content/plugins/ddpro/js/ddp-admin.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:21 GMT
Content-Type: application/javascript
Content-Length: 54714
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-d5ba"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/mermaid/css/mermaid_16_buttons_with_hover_effects_kit.css?ver=6.1.1
173.230.139.99200 OK 14 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/mermaid/css/mermaid_16_buttons_with_hover_effects_kit.css?ver=6.1.1
IP 173.230.139.99:0
Hash 632c62cdf434204db4a478256aa0627b
9c14bbf25020748b4a7a81b9321fbf0b4e92330b
f3d17fb9ed844e30dd5415069938461b6b87938bca7923a5fcb834dfcceaf43c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/mermaid/css/mermaid_16_buttons_with_hover_effects_kit.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 14432
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-3860"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/css/pegasus-testimonials.css?ver=6.1.1
173.230.139.99200 OK 10 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/css/pegasus-testimonials.css?ver=6.1.1
IP 173.230.139.99:0
Hash 1499ccf5d0c5fad7477be7b83e3a2bf1
0b7cfb3742d56f1ff489e24b9206c0893dd1b8cf
f808c7c36064a0a663c6f0b04fcd87b7fd80015b2388fabc132c0c94f281856b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/pegasus/css/pegasus-testimonials.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 10165
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-27b5"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.midwayestates.com/wp-content/plugins/ddpro/include/unicorn/css/footer-unicorn-divi-layout-kit.css?ver=6.1.1
173.230.139.99200 OK 29 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/unicorn/css/footer-unicorn-divi-layout-kit.css?ver=6.1.1
IP 173.230.139.99:0
Hash c2cb3814cb1a5867b171e1684b8dd01c
72fd5f9a2db0bded5e48458773f5867bb2246129
c07dcc0ecf13929307a47101367396713a93db52e18242e15f3ed654a56e4385
GET /wp-content/plugins/ddpro/include/unicorn/css/footer-unicorn-divi-layout-kit.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 28794
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-707a"
Accept-Ranges: bytes
maps.google.com/maps/api/js?key=AIzaSyDQ2Sl9AZ_WiB_Cy6B-Ad2XFenll1YifQE&callback=initwpmaps&libraries=geometry%2Cplaces%2Cdrawing&language=en&ver=6.1.1
142.250.74.46200 OK 60 kB URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyDQ2Sl9AZ_WiB_Cy6B-Ad2XFenll1YifQE&callback=initwpmaps&libraries=geometry%2Cplaces%2Cdrawing&language=en&ver=6.1.1
IP 142.250.74.46:0
File type ASCII text, with very long lines (2386)
Hash e9b6097e689b3dadada3aa514e52d185
1bb7e1ae45c2940971f09062d81a1328b879b1cf
d5571534c691609e420f3d908133d00b4b6733b6f6d45bfc733a0c8260432f03
GET /maps/api/js?key=AIzaSyDQ2Sl9AZ_WiB_Cy6B-Ad2XFenll1YifQE&callback=initwpmaps&libraries=geometry%2Cplaces%2Cdrawing&language=en&ver=6.1.1 HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 21 Mar 2023 07:31:22 GMT
expires: Tue, 21 Mar 2023 08:01:22 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 60135
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.midwayestates.com/wp-content/plugins/ddpro/include/demo/css/demo-vet.css?ver=6.1.1
173.230.139.99200 OK 3.7 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/demo/css/demo-vet.css?ver=6.1.1
IP 173.230.139.99:0
Hash 910c8aae4e1e3bb13d8aeab263471c9a
93673df03cd657e0c573b0e77999a4f9f7a26c25
feb2744e55c3126242aa4967e288bfc8be6e623d02c144b2a7aa6fe063a4d815
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/demo/css/demo-vet.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: text/css
Content-Length: 3658
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-e4a"
Accept-Ranges: bytes
www.midwayestates.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
173.230.139.99200 OK 90 kB URL HTTP/1.1 www.midwayestates.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 89684
Last-Modified: Wed, 09 Nov 2022 02:22:59 GMT
Connection: keep-alive
ETag: "636b0f03-15e54"
Accept-Ranges: bytes
www.midwayestates.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
173.230.139.99200 OK 11 kB URL HTTP/1.1 www.midwayestates.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 11224
Last-Modified: Thu, 10 Dec 2020 21:24:15 GMT
Connection: keep-alive
ETag: "5fd291ff-2bd8"
Accept-Ranges: bytes
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash c699487f87a37bdcfa12c48018209cad
97dee89c7595d53bf018d8dbd76e03184a75ce36
fa8ed3de38560f11fe106e2642ba7172a7fe58674fd4fd6d634e37eedc95b83f
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114500
Date: Tue, 21 Mar 2023 07:31:22 GMT
Etag: "64187247-1d7"
Expires: Wed, 22 Mar 2023 15:19:42 GMT
Last-Modified: Mon, 20 Mar 2023 14:48:39 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bpkTu4jnWJuWxOFkhTV0aQWBIB0OMFvPIW9ksrDq5k1Lt0oXHRFs-g==
Age: 1863
www.midwayestates.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.19
173.230.139.99200 OK 13 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.19
IP 173.230.139.99:0
Hash 6c164c98630b8c5bb4070a49fd89715f
736ab67033f061ce8aabed4fb6f106319d957046
e621665022bb960e60fcbed829f30a54d28484a7e2d8e46f7e5025a06608b5bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.19 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 13397
Last-Modified: Fri, 17 Mar 2023 02:07:23 GMT
Connection: keep-alive
ETag: "6413cb5b-3455"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/themes/Divi/js/smoothscroll.js?ver=4.20.2
173.230.139.99200 OK 5.7 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/js/smoothscroll.js?ver=4.20.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (5644)
Hash b6a40b8c22e5dd0e51404ac7aa45710a
823e4b015387a2714f826a7f386a0f6698c4b6e2
75079f39fe739015589a0f995f41b4c1c29d4ebac85c93a792926af09f61cc83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/smoothscroll.js?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 5714
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-1652"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWV4ewA.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWV4ewA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23824, version 1.0\012- data
Hash fcef341c4ae5121211bdb7df59b0aabf
0192297f0f31cd96f07ada9b2f588c7f7b98652d
89d2be98b22fbfe90c0c7be3a6fb9c7ecd5e5431227b4c142294562c12e6e855
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWV4ewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 11:27:20 GMT
expires: Sat, 16 Mar 2024 11:27:20 GMT
cache-control: public, max-age=31536000
age: 331442
last-modified: Mon, 15 Aug 2022 18:13:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22212, version 1.0\012- data
Hash e62adebf67147c481b9c00011e2c5d48
3af42ef356fa413fd162c56a7b11b8d34a61cefb
17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 15:14:10 GMT
expires: Thu, 14 Mar 2024 15:14:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
age: 490632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21516, version 1.0\012- data
Hash 90135ea44811b2d9610c33e07068fdb0
84ef1a8343877a598f1c7cbae56f35ded54a1787
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 17:10:59 GMT
expires: Thu, 14 Mar 2024 17:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
content-type: font/woff2
age: 483623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22184, version 1.0\012- data
Hash 07d5630b58fb712db61c97ab899575e6
9a672f5e3beaf3a1a520fda615619b35b58489d0
16ab9f3c9956105f5389295d50a5eec19d917b82fa2f4d2b284463c53b32f5a0
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 17:11:00 GMT
expires: Thu, 14 Mar 2024 17:11:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:03 GMT
content-type: font/woff2
age: 483622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Hash bab4daa6bec06781aa7262eca0be0ed4
b896fcea50433114a0433c9c8117677a875f1116
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Mar 2023 02:36:11 GMT
expires: Wed, 20 Mar 2024 02:36:11 GMT
cache-control: public, max-age=31536000
age: 17711
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFQ.woff2
142.250.74.35200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 10736, version 1.0\012- data
Hash 1914bb2cffe458fd423d47e66c583875
e1d2d8054950b5b5b66662c7325a6c441f8cb38a
131db8ab0af3c8f3d79c4bc290f3ad6d86d06a3b1b2be51299c6207717fcb6ad
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 13:03:24 GMT
expires: Fri, 15 Mar 2024 13:03:24 GMT
cache-control: public, max-age=31536000
age: 412078
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFQ.woff2
142.250.74.35200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 10952, version 1.0\012- data
Hash 9a1d9132dbb2f04bec656ff1ad91bb9c
4a7e206a60ec27a610c02439538446a91a45d48b
55a511dc9d7eee7c667d558d109678fd98be366d3b70f19fa097ffb19647425c
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:08:58 GMT
expires: Sat, 16 Mar 2024 02:08:58 GMT
cache-control: public, max-age=31536000
age: 364944
last-modified: Wed, 27 Apr 2022 16:59:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFQ.woff2
142.250.74.35200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 10636, version 1.0\012- data
Hash 7a2c461f7cc8871fe7a741eb10e18e8b
b0faf95d217f102320175e4900aa3250dafe4674
47f3eaee9be967b079c84b584bdc161bb26a49a6f081f60813e1b3dc83ecf4f3
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:09:14 GMT
expires: Sat, 16 Mar 2024 02:09:14 GMT
cache-control: public, max-age=31536000
age: 364928
last-modified: Wed, 27 Apr 2022 16:10:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.20.2
173.230.139.99200 OK 3.3 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.20.2
IP 173.230.139.99:0
File type HTML document, ASCII text
Hash fa07f10043b891dacdb82f26fd2b42bc
9c1dc49e9747758e033c0e9a7d016401bd78602c
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 3349
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-d15"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.20.2
173.230.139.99200 OK 8.0 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.20.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (7584)
Hash 984977dc184f8059f2a679b324893e4c
d60a246ba584ba892a87bcf446e71d26adbcb91a
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 7960
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-1f18"
Accept-Ranges: bytes
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2
142.250.74.35200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 25284, version 1.0\012- data
Hash 26f5a0992b68bb38801b08a348288591
4dc2e90e40d35482883aea5fa535cfa4e15fd392
386a206aade080bb0045005cfdbb660430ed46d652039eef6bc299d54d7c43ed
GET /s/lato/v23/S6uyw4BMUTPHjxAwXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:36:32 GMT
expires: Fri, 15 Mar 2024 17:36:32 GMT
cache-control: public, max-age=31536000
age: 395690
last-modified: Tue, 26 Apr 2022 15:46:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.20.2
173.230.139.99200 OK 23 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.20.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (21184)
Hash b709961dd29d261ee0ce8fb17101874a
9a286eaaa964091528b256c81bb446c7072b7e19
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 22786
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-5902"
Accept-Ranges: bytes
form.123formbuilder.com/embed/5977341.js
54.161.248.17200 OK 8.6 kB URL HTTP/2 form.123formbuilder.com/embed/5977341.js
IP 54.161.248.17:0
File type ASCII text, with very long lines (12866), with CRLF line terminators
Hash 4061b85e45b225703ede27e4ee863164
333f57143e2733b7fe0791ea73573c61c6a1500b
aae7550610eaefbbdcb3f5e261789ac277679596cbe90ffadb02e3b699131100
GET /embed/5977341.js HTTP/1.1
Host: form.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:31:22 GMT
content-type: text/javascript
content-length: 8635
expires: Wed, 22 Mar 2023 02:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.20.2
173.230.139.99200 OK 8.6 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.20.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (6322)
Hash bf7fe805ab945e4b2c4d56da59476811
307135fd2987f477c7bd50fcd0cc28a1cff1f568
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 8574
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-217e"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/flip-cards-module-divi/scripts/frontend-bundle.min.js?ver=0.9.4
173.230.139.99200 OK 3.5 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/flip-cards-module-divi/scripts/frontend-bundle.min.js?ver=0.9.4
IP 173.230.139.99:0
File type ASCII text, with very long lines (3456), with no line terminators
Hash 7fa297a5a177870fe30bcba7ce9d83a6
b063bc48868373d01238afec95e5276aec095269
c16e3a4badea6055f48c4a2b23b6178623fb31989cba0fe38325ad742aecf935
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/flip-cards-module-divi/scripts/frontend-bundle.min.js?ver=0.9.4 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 3456
Last-Modified: Mon, 20 Jun 2022 19:27:48 GMT
Connection: keep-alive
ETag: "62b0ca34-d80"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/webfont/webfont.js?ver=6.1.1
173.230.139.99200 OK 13 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/webfont/webfont.js?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (2134)
Hash 7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/js/vendor/webfont/webfont.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 13188
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-3384"
Accept-Ranges: bytes
valencia.newbymgmt.com/wp-content/uploads/sites/65/2019/04/logo-eho.png
173.230.139.99200 OK 3.1 kB URL HTTP/1.1 valencia.newbymgmt.com/wp-content/uploads/sites/65/2019/04/logo-eho.png
IP 173.230.139.99:0
File type PNG image data, 75 x 80, 8-bit colormap, non-interlaced\012- data
Hash 71bf5c4b41a3f359f9c371919cc0a860
56bad99a46ee5e313e1b5727310dfa189e873bfb
a9feaed87f00af175ea153e9cb98d59884edddba590836f88ccd652c39f17e27
GET /wp-content/uploads/sites/65/2019/04/logo-eho.png HTTP/1.1
Host: valencia.newbymgmt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: image/png
Content-Length: 3089
Last-Modified: Thu, 23 Apr 2020 13:36:42 GMT
Connection: keep-alive
ETag: "5ea199ea-c11"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/jscrollpane/jscrollpane.js?ver=6.1.1
173.230.139.99200 OK 25 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/jscrollpane/jscrollpane.js?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (844)
Hash e2bfaad28d7678e8a1f114e31080e4e9
d42d3f7cea26f118eef0150a2b79c2f9189d52d8
8f4bd64f5d70475462e218f3ac0a85e5a9c4a69b219ae43c0e01874eaee7ee7f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/js/vendor/jscrollpane/jscrollpane.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 25235
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-6293"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/accordion/accordion.js?ver=6.1.1
173.230.139.99200 OK 8.2 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/accordion/accordion.js?ver=6.1.1
IP 173.230.139.99:0
Hash 139aa2b35b06691a01ff87aeca8757ca
fb671897e3a3f27743ae922e30a38d6b172da6fe
7a81205c9257567895a5b1e7a4af42df493d8c5d877bb8b5a75ba3a00fc3d378
GET /wp-content/plugins/wp-google-map-plugin/assets/js/vendor/accordion/accordion.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 8180
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-1ff4"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=6.1.1
173.230.139.99200 OK 65 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=6.1.1
IP 173.230.139.99:0
Hash d7f5a526d01be731e5b2b1729aa9d475
0e269fc6b44f3c3710d2d2463b824d366bf659c8
a3b440239f174eadf1830b038540130b5b5a4c2bab58e643d83ce1d4f3d76199
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 64805
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-fd25"
Accept-Ranges: bytes
www.midwayestates.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
173.230.139.99200 OK 5.6 kB URL HTTP/1.1 www.midwayestates.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 173.230.139.99:0
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 5629
Last-Modified: Tue, 25 Aug 2020 17:27:41 GMT
Connection: keep-alive
ETag: "5f454a0d-15fd"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 74dd1be33140b4acd21d4109a2fd8442
d25a96d88046908a4e5e714585cd0d7d842e5270
12d626c936694d09085c92d4e3cd6b4eefdc5709b477bf45f0caa293107d549d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 03:41:24 GMT
Expires: Sat, 25 Mar 2023 03:41:23 GMT
Etag: "d25a96d88046908a4e5e714585cd0d7d842e5270"
Cache-Control: max-age=331200,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ab47eb29c74b518-OSL
www.midwayestates.com/wp-includes/js/masonry.min.js?ver=4.2.2
173.230.139.99200 OK 24 kB URL HTTP/1.1 www.midwayestates.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (23966)
Hash 3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 24138
Last-Modified: Tue, 25 Aug 2020 17:27:41 GMT
Connection: keep-alive
ETag: "5f454a0d-5e4a"
Accept-Ranges: bytes
www.midwayestates.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
173.230.139.99200 OK 1.8 kB URL HTTP/1.1 www.midwayestates.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP 173.230.139.99:0
File type ASCII text, with very long lines (1626)
Hash cd0eb3406096ff80266e7c9d7d419186
0e3709691bf96233766de30e2fd473b84166c5b6
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 1819
Last-Modified: Thu, 27 Sep 2018 01:56:30 GMT
Connection: keep-alive
ETag: "5bac38ce-71b"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.20.2
173.230.139.99200 OK 274 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.20.2
IP 173.230.139.99:0
File type ASCII text, with very long lines (65467)
Size 274 kB (274266 bytes)
Hash 8e84adf3d9e5509fa623deaf84bd03e1
a9c6471179438788f477737ab4e60848e17a7a8b
97490bd354a26885acf09c0ba5b4c3c76d12bb55193f13456d3aa2ded6eda6fd
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 274266
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-42f5a"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/frontend.js?ver=6.1.1
173.230.139.99200 OK 14 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/frontend.js?ver=6.1.1
IP 173.230.139.99:0
Hash 157d9ef7708a02687d5efd3e29946091
1b52340aa0dd6e6eb5ab38ae208df5c073605238
108cc2e5fa6bc2b9484438d002a658b592804308b9e23c082a6215d3bb847b5e
GET /wp-content/plugins/wp-google-map-plugin/assets/js/frontend.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 14214
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-3786"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/markerclustererplus/markerclustererplus.js?ver=6.1.1
173.230.139.99200 OK 53 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/markerclustererplus/markerclustererplus.js?ver=6.1.1
IP 173.230.139.99:0
File type HTML document, ASCII text
Hash dc249aedab5f82a314cb9a901fb3b2d4
259fc5053f1c86b11fadf1098e4aa12e741456d4
804f2c7a54a6201b571cf94b7d160ffc83a08a6f18c7448f9e09cfa3cd24589a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/js/vendor/markerclustererplus/markerclustererplus.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 53315
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-d043"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/infobox/infobox.js?ver=6.1.1
173.230.139.99200 OK 28 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/wp-google-map-plugin/assets/js/vendor/infobox/infobox.js?ver=6.1.1
IP 173.230.139.99:0
Hash c4d88031ecacaef06f613edb47dd30a0
fd46fcb4104ab8faed471162082a5201a007bbc0
32bce456421faecf7accc0afb9f4c5b21e3dd363d2518f29d14a2bb311798ddb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/js/vendor/infobox/infobox.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 27524
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-6b84"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.20.2
173.230.139.99200 OK 1.3 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.20.2
IP 173.230.139.99:0
Hash d71b75b2327258b1d01d50590c1f67ca
b7820e4ffb6becc133c48f66d9f683545530b959
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.20.2 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 1343
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-53f"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.js?ver=6.1.1
173.230.139.99200 OK 26 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.js?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (480)
Hash 5ef0670d84e87f603fae8e1c373a196d
14e834a2667e2d69e11f9da5eb3379458d79fd93
311090353031b36b2616aabd9c35df0aad4ad8629f5b18d484d66f6bf656bb56
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 26438
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-6746"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.pack.js?ver=6.1.1
173.230.139.99200 OK 36 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.pack.js?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (450)
Hash 44ed1f254c14acaa8a8bc7a4f2279275
4e899efaa50e9c9dcac5be7e5459ce1e4b1d2c25
e07ece0259cf5f66fc614adcdeeeea9f0d6a278a50abff874651633722e60e76
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/fancybox/jquery.fancybox.pack.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 35935
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-8c5f"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/js/falkor_divi.js?ver=6.1.1
173.230.139.99200 OK 43 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/falkor/js/falkor_divi.js?ver=6.1.1
IP 173.230.139.99:0
Hash 0bc84f01ccd3a3c43e524fe42bf88e63
a2f5193d0676dea8793b85b0dbca51b11fc4d7e1
db5a90daf5b3814cffee57e1b235e11f11d97e6597a9e0dce17f32494a7013ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/falkor/js/falkor_divi.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 42865
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-a771"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/mermaid/js/mermaid_divi.js?ver=6.1.1
173.230.139.99200 OK 23 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/mermaid/js/mermaid_divi.js?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (1155)
Hash d998cf1d42f9a621ffc468b69e77b934
702671513f3eeee5b426c4b9cb653c027255f447
4afac164b10bdadbd5d922ebf6235b8a93b70cf3b27bf9ad24aeeb6f1ebbc723
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/mermaid/js/mermaid_divi.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 23008
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-59e0"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/jquery.hoverdir.js?ver=6.1.1
173.230.139.99200 OK 9.5 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/jquery.hoverdir.js?ver=6.1.1
IP 173.230.139.99:0
Hash 6572196d1b2c4381b41364d77e03561d
256050bbbcabb7c853a16b2fffae2249fdac6078
d054f3865048deab1a0106dd03b88d1243c718ee45c9ae4522a9b45348b05645
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/pegasus/js/jquery.hoverdir.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 9501
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-251d"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/jquery.inview.js?ver=6.1.1
173.230.139.99200 OK 5.5 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/jquery.inview.js?ver=6.1.1
IP 173.230.139.99:0
Hash 5e7ca4faa9da9b39541bd98a25ad87c4
23b9468456ceb918cb9a9ced1ff0d06c5807e8df
3e31d39c8fa8b47026f95433a36a33750d42b88cebcec3af1fb68ebb138ab877
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/pegasus/js/jquery.inview.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 5498
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-157a"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/masonry.pkgd.min.js?ver=6.1.1
173.230.139.99200 OK 24 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/masonry.pkgd.min.js?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (23946)
Hash d94313c3ca257213d724ac82584b97e5
f3af023348d872519df905d720a9b951663e5cd2
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/pegasus/js/masonry.pkgd.min.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 24082
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-5e12"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/pegasus_divi.js?ver=6.1.1
173.230.139.99200 OK 87 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/pegasus/js/pegasus_divi.js?ver=6.1.1
IP 173.230.139.99:0
Hash c33c8bf4040b4c3831a28f59940df36e
ffe6832868025e274525470fcf27d9c96c87c972
24337cd8cf64e80b5fdae2945e2423935e44ea8d00c55b50727ad811e624cb33
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/pegasus/js/pegasus_divi.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 87345
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-15531"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/plugins/ddpro/include/unicorn/js/unicorn_divi.js?ver=6.1.1
173.230.139.99200 OK 17 kB URL HTTP/1.1 www.midwayestates.com/wp-content/plugins/ddpro/include/unicorn/js/unicorn_divi.js?ver=6.1.1
IP 173.230.139.99:0
Hash dd5540857b7f72577c810ac5d8f92d0d
8cec731883d0a86f28c964df8983b95b1b306ffd
cae8a907dd442cdbff2b4b5b81d59f4397c90663c16658af4c9d8bf27f46a00a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ddpro/include/unicorn/js/unicorn_divi.js?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/javascript
Content-Length: 17251
Last-Modified: Tue, 01 Oct 2019 01:54:50 GMT
Connection: keep-alive
ETag: "5d92b1ea-4363"
Accept-Ranges: bytes
www.onlinechatcenters.com/code.a-1473-1442.js
54.215.215.166200 OK 9.7 kB URL HTTP/1.1 www.onlinechatcenters.com/code.a-1473-1442.js
IP 54.215.215.166:0
File type ASCII text, with very long lines (2074)
Hash b04274702b731b0c2f1f5db1dccb62f0
40d8c89e0bb648139cd36cc03ef9013b08a9dca6
cc1d225fb32bfccbd1e4d759eed09b15c1516d2e20c85f81ba74613ed1f06185
GET /code.a-1473-1442.js HTTP/1.1
Host: www.onlinechatcenters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:31:22 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.3.11
X-Powered-By: PHP/7.3.11
Last-Modified: Tue, 21 Mar 2023 07:31:22 GMT
ETag: 5dd06f365163aa4ff2d544a397546b2b
Cache-Control: no-cache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9743
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Midway-Oval-Color-Newby-1.png
173.230.139.99200 OK 57 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Midway-Oval-Color-Newby-1.png
IP 173.230.139.99:0
File type PNG image data, 1980 x 1708, 8-bit colormap, non-interlaced\012- data
Hash bc3e5cca3590f1eebdef310a69b31ce1
a4cdf1a3ac02a6e6c3b64dcffe499e42c8b69807
b8593910fd96ffd01ed42d129d3040d8306fc667722d297d1a02f0351ddb5445
GET /wp-content/uploads/sites/65/2021/08/Midway-Oval-Color-Newby-1.png HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: image/png
Content-Length: 57319
Last-Modified: Tue, 17 Aug 2021 15:49:15 GMT
Connection: keep-alive
ETag: "611bda7b-dfe7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Mobile-Homes-For-Sale-1.jpg
173.230.139.99200 OK 144 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Mobile-Homes-For-Sale-1.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=2411, bps=206, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS-1D X, orientation=upper-left, width=3761], progressive, precision 8, 656x417, components 3\012- data
Size 144 kB (143464 bytes)
Hash 11ab0a690e8341c4c8aacd75af991e2d
4ca7897c1f387c26b68e97078ffb03c25ebfe356
d256b21747986bceeb13b09b9d0c6b01b752ea7fa9ec447d9ce0c8409c80aae4
GET /wp-content/uploads/sites/65/2021/08/Mobile-Homes-For-Sale-1.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: image/jpeg
Content-Length: 143464
Last-Modified: Wed, 18 Aug 2021 17:10:16 GMT
Connection: keep-alive
ETag: "611d3ef8-23068"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Manufactured-Home-For-Sale-2.jpg
173.230.139.99200 OK 132 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Manufactured-Home-For-Sale-2.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=2593, bps=206, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS-1D X, orientation=upper-left, width=3889], progressive, precision 8, 551x372, components 3\012- data
Size 132 kB (131915 bytes)
Hash d2220156189d1157b58f74e55debe863
87cf376f1168538d08a94db9c56f9617af25095e
6d76d2b3cef271ab0449235d5fd3285003d6f59b9c6767f82761b5a6a1bf3f13
GET /wp-content/uploads/sites/65/2021/08/Manufactured-Home-For-Sale-2.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 131915
Last-Modified: Wed, 18 Aug 2021 17:10:45 GMT
Connection: keep-alive
ETag: "611d3f15-2034b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
173.230.139.99200 OK 92 kB URL HTTP/1.1 www.midwayestates.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP 173.230.139.99:0
File type Web Open Font Format, TrueType, length 92476, version 2.4\012- data
Hash 7d04c782e3ec7b655cb15e50245c4c49
6ac6c03ebcebc29f36f09525ae9564f12240776d
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: application/font-woff
Content-Length: 92476
Last-Modified: Fri, 17 Mar 2023 02:08:20 GMT
Connection: keep-alive
ETag: "6413cb94-1693c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
216.58.211.14200 OK 30 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP 216.58.211.14:0
Hash 0f4ef73a036f67f631da246768d91111
b4aad835757526e339599d55db0afb2c31021545
1da3f9e38a8ea9db68b5ff5b65ad16b0c80a352e7cccb654c6895535fbea2566
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Mar 2023 07:31:22 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+846; expires=Thu, 20-Mar-2025 07:31:22 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.midwayestates.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
173.230.139.99200 OK 95 kB URL HTTP/1.1 www.midwayestates.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 173.230.139.99:0
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: text/css
Content-Length: 94889
Last-Modified: Wed, 16 Nov 2022 06:25:04 GMT
Connection: keep-alive
ETag: "63748240-172a9"
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Streetview-of-Community-1.jpg
173.230.139.99200 OK 136 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Streetview-of-Community-1.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=2597, bps=206, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS-1D X, orientation=upper-left, width=3899], progressive, precision 8, 661x436, components 3\012- data
Size 136 kB (135569 bytes)
Hash 09a8144aaa28e4611a212fba683cb4e6
3fc482011def2e1c5dca1558074804866455b834
e1671e374e1fe0af797f7f90cb57a9138f95d11f80fbf515472f449aa94e02e5
GET /wp-content/uploads/sites/65/2021/08/Streetview-of-Community-1.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 135569
Last-Modified: Wed, 18 Aug 2021 17:10:10 GMT
Connection: keep-alive
ETag: "611d3ef2-21191"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Header-scaled.jpg
173.230.139.99200 OK 352 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/Header-scaled.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 2560x662, components 3\012- data
Size 352 kB (351646 bytes)
Hash 5d05e88cec8766d6815938a35caab8e4
f677d32f7874306df40660e019a0bc3025987829
575012cb7c7b96090336d538d7bcf79f231d8a37d73329e4db89e74508bc99f5
GET /wp-content/uploads/sites/65/2021/08/Header-scaled.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/wp-content/et-cache/1/65/23/et-core-unified-deferred-23.min.css?ver=1679091362
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 351646
Last-Modified: Tue, 17 Aug 2021 02:21:05 GMT
Connection: keep-alive
ETag: "611b1d11-55d9e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3569-1280x854.jpg
173.230.139.99200 OK 242 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3569-1280x854.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 1280x854, components 3\012- data
Size 242 kB (242189 bytes)
Hash 311045f78602570a7836e890b6081f92
0bc41b4d27d517b34d779eb7bebeaeb980af170d
00f89346669514ebe15bec5449a3621d68f1ef87a16bfd460658ef3f0acf60e3
GET /wp-content/uploads/sites/65/2022/06/7O0A3569-1280x854.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 242189
Last-Modified: Wed, 15 Jun 2022 16:28:21 GMT
Connection: keep-alive
ETag: "62aa08a5-3b20d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3554-400x284.jpg
173.230.139.99200 OK 32 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3554-400x284.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 400x284, components 3\012- data
Hash d1f1120708d7ed84283694030e28049c
ff4eb5e05a83b74789626fbfb2717f321958c35f
b6d5da84cc65f6e8a7266e23e280df34515b79835994a2437c74c81e283800c6
GET /wp-content/uploads/sites/65/2022/06/7O0A3554-400x284.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 31986
Last-Modified: Wed, 15 Jun 2022 16:35:47 GMT
Connection: keep-alive
ETag: "62aa0a63-7cf2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-ZD78G3NY4Q>m=45je33f0&_p=515311317&cid=174757147.1679383885&ul=en-us&sr=1280x1024&_s=1&sid=1679383885&sct=1&seg=0&dl=https%3A%2F%2Fwww.midwayestates.com%2F&dt=Home%20-%20Midway%20Estates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-ZD78G3NY4Q>m=45je33f0&_p=515311317&cid=174757147.1679383885&ul=en-us&sr=1280x1024&_s=1&sid=1679383885&sct=1&seg=0&dl=https%3A%2F%2Fwww.midwayestates.com%2F&dt=Home%20-%20Midway%20Estates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZD78G3NY4Q>m=45je33f0&_p=515311317&cid=174757147.1679383885&ul=en-us&sr=1280x1024&_s=1&sid=1679383885&sct=1&seg=0&dl=https%3A%2F%2Fwww.midwayestates.com%2F&dt=Home%20-%20Midway%20Estates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.midwayestates.com
date: Tue, 21 Mar 2023 07:31:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3560-400x284.jpg
173.230.139.99200 OK 37 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3560-400x284.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 400x284, components 3\012- data
Hash 0e947b7265a39e4ae2aa408a62057dbc
92de11031a5a13225a6c4d0f9bf7e9eef4a23134
548ddd47c3b96dcc2118cefbd32564379ff3c2f084186ec7f23dc34fee14af49
GET /wp-content/uploads/sites/65/2022/06/7O0A3560-400x284.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 36657
Last-Modified: Wed, 15 Jun 2022 16:36:18 GMT
Connection: keep-alive
ETag: "62aa0a82-8f31"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-admin/admin-ajax.php?action=ddp_get_option_wl
173.230.139.99302 Found 0 B URL HTTP/1.1 www.midwayestates.com/wp-admin/admin-ajax.php?action=ddp_get_option_wl
IP 173.230.139.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/admin-ajax.php?action=ddp_get_option_wl HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.midwayestates.com/
Cookie: _ga_ZD78G3NY4Q=GS1.1.1679383885.1.0.1679383885.0.0.0; _ga=GA1.1.174757147.1679383885
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.midwayestates.com
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/daytona-florida-scaled-1.jpg
173.230.139.99200 OK 417 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/daytona-florida-scaled-1.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 2560x1707, components 3\012- data
Size 417 kB (417090 bytes)
Hash fda16fbd68aa6476e89694f184b02ca4
b5b2bff42c664067fe4e868efe6b030e8091b553
361bd92d62250e772ed8b4575b6034969fe46fe6d120425443dbb46e42b3c41e
GET /wp-content/uploads/sites/65/2021/08/daytona-florida-scaled-1.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 417090
Last-Modified: Tue, 10 Aug 2021 20:32:13 GMT
Connection: keep-alive
ETag: "6112e24d-65d42"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 62343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 07:51:59 GMT
expires: Thu, 14 Mar 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 517164
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Mar 2023 13:09:06 GMT
expires: Wed, 13 Mar 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 584537
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.74200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.74:0
Hash 32d60d27784c6d89e0ae6392b29908ae
22f7c03778b4a44091c47c80b2011dc95d686ae8
7cc16249b8e23c0713b45e84662100271aa884f97de68a8e3c3a3b2458bf83a6
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Mar 2023 07:31:23 GMT
date: Tue, 21 Mar 2023 07:31:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3573-1-400x284.jpg
173.230.139.99200 OK 25 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3573-1-400x284.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 400x284, components 3\012- data
Hash 47552ec64ed18fc2f69e518fd0975015
8a94b9c4b4d3186b8a7da305c274f2b2b15225d9
2a5e17309cb97dac11d274c4bc303e6c165ac7396bf393e3a58a63b56278f527
GET /wp-content/uploads/sites/65/2022/06/7O0A3573-1-400x284.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 24823
Last-Modified: Wed, 15 Jun 2022 16:37:15 GMT
Connection: keep-alive
ETag: "62aa0abb-60f7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2022/09/7O0A3570-400x284.jpg
173.230.139.99200 OK 28 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/09/7O0A3570-400x284.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 400x284, components 3\012- data
Hash affac444ddbfb6ab33fdbc735c3d4940
b4a6c951416d16cef163cb25a08b01504dfd43f1
7a91cbe03722017a4fa11cb92d6cdf4ea50e400ca82acdb33ecd71948c0c7328
GET /wp-content/uploads/sites/65/2022/09/7O0A3570-400x284.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 28374
Last-Modified: Wed, 07 Sep 2022 17:28:51 GMT
Connection: keep-alive
ETag: "6318d4d3-6ed6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
form.123formbuilder.com/js-form-username-5977341.html?ref=https%3A%2F%2Fwww.midwayestates.com%2F&_referrer_=&_embedType_=embed.js&_iframeID_=1679383885453_906796875012710
54.161.248.17200 OK 39 kB URL HTTP/2 form.123formbuilder.com/js-form-username-5977341.html?ref=https%3A%2F%2Fwww.midwayestates.com%2F&_referrer_=&_embedType_=embed.js&_iframeID_=1679383885453_906796875012710
IP 54.161.248.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (47635)
Hash 2b3c87908a622431b715a106400076a3
15d79d6a7dce6d59d7228a7d6cdd12ff96455743
9b70a4ee4e3a2363ec7e816a6a41aa4a4a23e219b9753a0e576762e30c20db76
GET /js-form-username-5977341.html?ref=https%3A%2F%2Fwww.midwayestates.com%2F&_referrer_=&_embedType_=embed.js&_iframeID_=1679383885453_906796875012710 HTTP/1.1
Host: form.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:31:23 GMT
content-type: text/html; charset=UTF-8
content-length: 39388
x-inst-ip: 10.103.42.1
p3p: CP="Potato"
set-cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6; Domain=.123formbuilder.com; Path=/; Secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.onlinechatcenters.com/visitor/?SESSID=&id=1473&ds=1442&os=&page=https%3A%2F%2Fwww.midwayestates.com%2F&ref=&6488689
54.215.215.166200 OK 90 B URL HTTP/1.1 www.onlinechatcenters.com/visitor/?SESSID=&id=1473&ds=1442&os=&page=https%3A%2F%2Fwww.midwayestates.com%2F&ref=&6488689
IP 54.215.215.166:0
File type ASCII text, with no line terminators
Hash 812fd08153f90426c64bfffb73e924c1
314845d845ef93da7ac9b596d4b0962d3ce6ae3c
f73f900cfaddf2273b49fedc1e73a6994a76ce357b3757b5e3e0247f9d92dcf3
GET /visitor/?SESSID=&id=1473&ds=1442&os=&page=https%3A%2F%2Fwww.midwayestates.com%2F&ref=&6488689 HTTP/1.1
Host: www.onlinechatcenters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:31:23 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.3.11
X-Powered-By: PHP/7.3.11
Last-Modified: Tue, 21 Mar 2023 07:31:23 GMT
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 90
Content-Type: application/javascript
cdn.123formbuilder.com/modules/Typescript/Form/css/print.css.minified.css?v10.16.5
54.230.111.42200 OK 509 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/Form/css/print.css.minified.css?v10.16.5
IP 54.230.111.42:0
File type ASCII text, with very long lines (509), with no line terminators
Hash b71c4b4a96b413e88ed032b740508e2b
a4c089bf71dae7bf9a643b239b4d95d69a93daf4
f57aefe9736ae8e297991712d7c60544231f674afdc973473168b9a2469bee7d
GET /modules/Typescript/Form/css/print.css.minified.css?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 509
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:10 GMT
etag: "b71c4b4a96b413e88ed032b740508e2b"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: CQ0ZJ3g42xe5CWeml2obC5yvcgVQmUtQ
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MwXQy1Ha3GvD7wWMeolPhb-1Lav8A8S1dSM51hcyD3r0L2e5lnzEtw==
age: 62656
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/uploads/sites/65/2022/06/DJI_0043-scaled.jpg
173.230.139.99200 OK 1.3 MB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/06/DJI_0043-scaled.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 2560x1707, components 3\012- data
Size 1.3 MB (1337136 bytes)
Hash 2f0e5b633833471fed83b18ff1b701cc
6bfd6b1d3f08da931e24854a78e071c2d9dca521
e3052ce06554f8fd2834b607a8af2ef7fc0cd2210badbd53b78839fe84d80b24
GET /wp-content/uploads/sites/65/2022/06/DJI_0043-scaled.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:22 GMT
Content-Type: image/jpeg
Content-Length: 1337136
Last-Modified: Wed, 15 Jun 2022 16:26:13 GMT
Connection: keep-alive
ETag: "62aa0825-146730"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash ba36794dd25eb99ef2f9bfe6e374d6c0
d3d9618c11462282b5f9f9f565db481e2809e5db
ae16a7a633d79ab28ac8723625f0ee00c48d3f1201d7332f4481f4c861026eb6
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155999
Date: Tue, 21 Mar 2023 07:31:23 GMT
Etag: "64190d01-1d7"
Expires: Thu, 23 Mar 2023 02:51:22 GMT
Last-Modified: Tue, 21 Mar 2023 01:48:49 GMT
Server: ECAcc (bsa/EACA)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kDCoy2Bjww0NU0WdGH2FdvKewZyY5T4V31QiXKZ3wh_qU4KNBQNqsw==
Age: 3753
cdn.123formbuilder.com/modules/tracker/js/simplePolyfill.js?v10.16.5
54.230.111.42200 OK 171 B URL HTTP/2 cdn.123formbuilder.com/modules/tracker/js/simplePolyfill.js?v10.16.5
IP 54.230.111.42:0
Hash b5f9956994166d621d1ba3a6100f0e8b
cdab6166a55a799f14a9383f640870592a7fd07b
3d8d31efd6b0eb325e456848b42c82c561c011dc98464cb91a65672bacef3f99
GET /modules/tracker/js/simplePolyfill.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 171
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:19 GMT
etag: "b5f9956994166d621d1ba3a6100f0e8b"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: ajfXIMuzky_IZ3RVjrwQfEJssEqab29U
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hPM88Ly4UR9xPA_wf-qtL4ftnAW9MBnYOodO_XgPH5UP3RXTvcCzEA==
age: 62656
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3572-scaled.jpg
173.230.139.99200 OK 808 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3572-scaled.jpg
IP 173.230.139.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 2560x1707, components 3\012- data
Size 808 kB (807797 bytes)
Hash 263308ab8c4c8b939687fb5ee2bc8095
71f6934bed98c2a247d68bb60fbce5436972b8b3
505d471646767022218dde800d114d5ddd22248003a1f632f1acad2ac0e50d4c
GET /wp-content/uploads/sites/65/2022/06/7O0A3572-scaled.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Cookie: _ga_ZD78G3NY4Q=GS1.1.1679383885.1.0.1679383885.0.0.0; _ga=GA1.1.174757147.1679383885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 807797
Last-Modified: Wed, 15 Jun 2022 16:28:54 GMT
Connection: keep-alive
ETag: "62aa08c6-c5375"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.onlinechatcenters.com/visitor/?SESSID=pqbem0dk5o4pb28b4bkff1ofu1&action=state&state_id_manager=1473&state_departments=1442&state_operators=&9980772&init=1&mouse_x=0&mouse_y=0&cookie=_ga_ZD78G3NY4Q%3DGS1.1.1679383885.1.0.1679383885.0.0.0%3B%20_ga%3DGA1.1.174757147.1679383885&data=0%3Cv%3E%3Ci%3E
54.215.215.166200 OK 81 B URL HTTP/1.1 www.onlinechatcenters.com/visitor/?SESSID=pqbem0dk5o4pb28b4bkff1ofu1&action=state&state_id_manager=1473&state_departments=1442&state_operators=&9980772&init=1&mouse_x=0&mouse_y=0&cookie=_ga_ZD78G3NY4Q%3DGS1.1.1679383885.1.0.1679383885.0.0.0%3B%20_ga%3DGA1.1.174757147.1679383885&data=0%3Cv%3E%3Ci%3E
IP 54.215.215.166:0
File type ASCII text, with CRLF line terminators
Hash 17b534bf778371f13303580e4c00bfb9
da8de03ce7113be64286f844478bbf36d8994f58
51ae2eab268f89a20f06369f6114a81527e45cb59e4196129c1e966d1a1d1716
GET /visitor/?SESSID=pqbem0dk5o4pb28b4bkff1ofu1&action=state&state_id_manager=1473&state_departments=1442&state_operators=&9980772&init=1&mouse_x=0&mouse_y=0&cookie=_ga_ZD78G3NY4Q%3DGS1.1.1679383885.1.0.1679383885.0.0.0%3B%20_ga%3DGA1.1.174757147.1679383885&data=0%3Cv%3E%3Ci%3E HTTP/1.1
Host: www.onlinechatcenters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:31:24 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.3.11
X-Powered-By: PHP/7.3.11
Last-Modified: Tue, 21 Mar 2023 07:31:24 GMT
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 81
Content-Type: application/javascript
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://form.123formbuilder.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 18:52:41 GMT
expires: Tue, 19 Mar 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 45523
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Tue, 21 Mar 2023 07:31:24 GMT
expires: Tue, 21 Mar 2023 07:31:24 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2ymgc6pnPG4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpH9CxoMEsmI2Td2tv_kVMFK5Rkvg/m=el_main
142.250.74.138200 OK 75 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2ymgc6pnPG4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpH9CxoMEsmI2Td2tv_kVMFK5Rkvg/m=el_main
IP 142.250.74.138:0
File type ASCII text, with very long lines (1665)
Hash 2b9288ef356e58021c6f0385ef0bc64e
dde05426c1729347a787ba899c0fdb86e463d87a
101e21784d7b107000d1aee7cf30eb01581071a1a17da0e425cf14c88f27aea8
GET /_/translate_http/_/js/k=translate_http.tr.no.2ymgc6pnPG4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpH9CxoMEsmI2Td2tv_kVMFK5Rkvg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75142
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 19:24:49 GMT
expires: Tue, 19 Mar 2024 19:24:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 18 Mar 2023 19:11:47 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 43595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.10200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.10:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.midwayestates.com
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 21 Mar 2023 07:31:24 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.midwayestates.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/cropped-Midway-Oval-Color-2-192x192.png
173.230.139.99200 OK 9.8 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/cropped-Midway-Oval-Color-2-192x192.png
IP 173.230.139.99:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash d58328b545cf591a1a6b437fe02943b6
dce14a0581bf0376c8c0668d5a727c706af29909
997d1a7fed7a80bd0f18c3158f2b42166974ea825a0adf0de53f9468b59bfaef
GET /wp-content/uploads/sites/65/2021/08/cropped-Midway-Oval-Color-2-192x192.png HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Cookie: _ga_ZD78G3NY4Q=GS1.1.1679383885.1.0.1679383885.0.0.0; _ga=GA1.1.174757147.1679383885; OCCSESSID=pqbem0dk5o4pb28b4bkff1ofu1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:24 GMT
Content-Type: image/png
Content-Length: 9772
Last-Modified: Tue, 17 Aug 2021 19:23:48 GMT
Connection: keep-alive
ETag: "611c0cc4-262c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/wp-content/uploads/sites/65/2021/08/cropped-Midway-Oval-Color-2-32x32.png
173.230.139.99200 OK 1.6 kB URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2021/08/cropped-Midway-Oval-Color-2-32x32.png
IP 173.230.139.99:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 16949075a771f8b706aa6eb26cb72686
83355686e83a7961945d8f32e92a6cc7ba64f305
3d6d1aef20d11b0bd5e52cc7558536b8131264fe7b2721aebdd513fb67a9ca39
GET /wp-content/uploads/sites/65/2021/08/cropped-Midway-Oval-Color-2-32x32.png HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Cookie: _ga_ZD78G3NY4Q=GS1.1.1679383885.1.0.1679383885.0.0.0; _ga=GA1.1.174757147.1679383885; OCCSESSID=pqbem0dk5o4pb28b4bkff1ofu1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:24 GMT
Content-Type: image/png
Content-Length: 1607
Last-Modified: Tue, 17 Aug 2021 19:23:52 GMT
Connection: keep-alive
ETag: "611c0cc8-647"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.midwayestates.com/
173.230.139.99200 OK 44 kB IP 173.230.139.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (25581)
Hash 69fc45e39a3c2841ffce8525ae986daf
5c9a8991ad426c1a1fb226e79162c8e744e98c21
d8b0b987c71313f735a0fe1d7326975b16b6d4a147f0c91e6ef7123e37532fea
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Referer: https://www.midwayestates.com/
Connection: keep-alive
Cookie: _ga_ZD78G3NY4Q=GS1.1.1679383885.1.0.1679383885.0.0.0; _ga=GA1.1.174757147.1679383885
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 21 Mar 2023 02:31:21 GMT
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.midwayestates.com/wp-json/>; rel="https://api.w.org/", <https://www.midwayestates.com/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://www.midwayestates.com/>; rel=shortlink
Cache-Control: no-cache
Last-Modified: Tue, 21 Mar 2023 02:31:24 GMT
WPO-Cache-Status: saving to cache
Content-Encoding: gzip
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=RECAPTCHA_READY_CALBACK_612388123&render=explicit
142.250.74.164200 OK 600 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=RECAPTCHA_READY_CALBACK_612388123&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (928), with no line terminators
Hash df4a2654c954da5983db957f7f1ad3ee
a33201122b6f6cb26116d1bbe018f32bff3e73a5
126173cce96ee83ce8b0edd184094867b77db5dce57104a1dc9e873b2e1929fa
GET /recaptcha/api.js?onload=RECAPTCHA_READY_CALBACK_612388123&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 21 Mar 2023 07:31:24 GMT
date: Tue, 21 Mar 2023 07:31:24 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 600
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
form.123formbuilder.com/modules/Typescript/Form/resources/form-invoice.html?_=1679383886962
54.161.248.17200 OK 795 B URL HTTP/2 form.123formbuilder.com/modules/Typescript/Form/resources/form-invoice.html?_=1679383886962
IP 54.161.248.17:0
File type ASCII text, with very long lines (393), with CRLF line terminators
Hash e58d85d9bef74fdf57cd12dde77fe727
617f8f6b5a0252815fcc9936f708684549677348
a51a84a9ab936860592d483a8fc41ecb417d8f75a94401d2c40937c96d7aa81f
GET /modules/Typescript/Form/resources/form-invoice.html?_=1679383886962 HTTP/1.1
Host: form.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
theToken: 0e5191de5cfdb8efe2c91b7db
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://form.123formbuilder.com/js-form-username-5977341.html?ref=https%3A%2F%2Fwww.midwayestates.com%2F&_referrer_=&_embedType_=embed.js&_iframeID_=1679383885453_906796875012710
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:31:24 GMT
content-type: text/html; charset=UTF-8
content-length: 795
x-inst-ip: 10.103.31.175
p3p: CP="Potato"
cache-control: max-age=86400
expires: Wed, 22 Mar 2023 07:31:24 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.onlinechatcenters.com/status-1473-1442
54.215.215.166200 OK 43 B URL HTTP/1.1 www.onlinechatcenters.com/status-1473-1442
IP 54.215.215.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /status-1473-1442 HTTP/1.1
Host: www.onlinechatcenters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:31:24 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.3.11
X-Powered-By: PHP/7.3.11
Last-Modified: Tue, 21 Mar 2023 07:31:24 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
form.123formbuilder.com/sf_calc_actions.php?formId=5977341&PHPSESSID=c8sqs7r7h0kiv3o1u9pt9flvu6
54.161.248.17200 OK 149 B URL HTTP/2 form.123formbuilder.com/sf_calc_actions.php?formId=5977341&PHPSESSID=c8sqs7r7h0kiv3o1u9pt9flvu6
IP 54.161.248.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef005e35744dde6ce17c83db6a55cfc8
0bf9633a398c72631b22688f7d3586012ac9e70d
0cbe84eaa36e9e71d2c4aa07c24bd3772b4caa9e7046107f1896ebea83cab5f7
POST /sf_calc_actions.php?formId=5977341&PHPSESSID=c8sqs7r7h0kiv3o1u9pt9flvu6 HTTP/1.1
Host: form.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
theToken: 0e5191de5cfdb8efe2c91b7db
X-Requested-With: XMLHttpRequest
Content-Length: 510
Origin: https://form.123formbuilder.com
Connection: keep-alive
Referer: https://form.123formbuilder.com/js-form-username-5977341.html?ref=https%3A%2F%2Fwww.midwayestates.com%2F&_referrer_=&_embedType_=embed.js&_iframeID_=1679383885453_906796875012710
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:31:24 GMT
content-type: application/json
content-length: 149
x-inst-ip: 10.103.48.149
p3p: CP="Potato"
set-cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6; Domain=.123formbuilder.com; Path=/; Secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.123formbuilder.com/includes/css/backend/iconfont.css.minified.css?v10.16.5
54.230.111.42200 OK 7.4 kB URL HTTP/2 cdn.123formbuilder.com/includes/css/backend/iconfont.css.minified.css?v10.16.5
IP 54.230.111.42:0
Hash dc785ca396289f725e7f9abfa4245b1e
f59100cec02bf70dea0df6d6c2d7000c5b4cbfb2
78c3c5650ca3c7610bb2c1b0839fe942fa94e96c9921ad65a9298f9fde23dac5
GET /includes/css/backend/iconfont.css.minified.css?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:00:47 GMT
etag: W/"46be27009f7ee41ac8ef75b031f24f52"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: XAMri9Lq6wgR1ok3mi.SZL7C9Uq_SQQ1
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bGxAAXD-S4FymUZaGgtmrnng0x60YtYgCpkIuaXnMNnZAZNCfjPIgw==
age: 62656
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.74200 OK 29 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.74:0
File type ASCII text, with very long lines (17794)
Hash b6b75753ac2689af5bcb4751e1a885fe
1cd584bdbb9a2f0e646cec51765ebd984b293394
d3309166e1b4f7e3cf8ce444271d2839c4fd9aa2e106f684292858a7b176c6b5
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Mar 2023 07:31:23 GMT
date: Tue, 21 Mar 2023 07:31:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
valencia.newbymgmt.com/wp-content/plugins/wp-google-map-plugin/assets/images/icons/google-map-default-icon.png
173.230.139.99200 OK 5.1 kB URL HTTP/1.1 valencia.newbymgmt.com/wp-content/plugins/wp-google-map-plugin/assets/images/icons/google-map-default-icon.png
IP 173.230.139.99:0
File type gzip compressed data, max compression\012- data
Hash d46027e0c23fec3b4b8acf6413f7618f
ded3454bf22553f6d76b1357c5399628b683cb63
2d54324c9391d2c0277088d5c8c3a767d3b251b8bfa808e6c5f7127570bf9534
GET /wp-content/plugins/wp-google-map-plugin/assets/images/icons/google-map-default-icon.png HTTP/1.1
Host: valencia.newbymgmt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:25 GMT
Content-Type: image/png
Content-Length: 4269
Last-Modified: Fri, 17 Mar 2023 02:07:38 GMT
Connection: keep-alive
ETag: "6413cb6a-10ad"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 21:48:03 GMT
expires: Fri, 15 Mar 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 380602
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 0 B IP 142.250.74.131:0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.123formbuilder.com/modules/Typescript/Form/css/shared.css.minified.css?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/Form/css/shared.css.minified.css?v10.16.5
IP 54.230.111.42:0
GET /modules/Typescript/Form/css/shared.css.minified.css?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:10 GMT
etag: W/"2bb08eb58f4b1579e3c789e52b902952"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: d5cZDGbSWOEVFKJisdXK19q.8lrU5cCP
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hldCm925XG6KUpB3fnCQlSVwLWlCBXhMpZ1z6pGNZPMg3L0YkY9QvQ==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/Typescript/Form/dist/build.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/Form/dist/build.js?v10.16.5
IP 54.230.111.42:0
GET /modules/Typescript/Form/dist/build.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:11 GMT
etag: W/"23ef7b24501ec952942fad2c9d29398b"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: yJySf.9HomW62s4tYMnQA7cpueLrFh0t
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U-IgMG46tjS8QgnUSaF_b_baC0pUeiducA3w48ST7VGLi6b1uluj1g==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/Typescript/sanitize-html/dist/core-js.min.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/sanitize-html/dist/core-js.min.js?v10.16.5
IP 54.230.111.42:0
GET /modules/Typescript/sanitize-html/dist/core-js.min.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:13 GMT
etag: W/"841dcfd53a190d4947e0d5a6fbcffd74"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: UNNyjV_BnA6lU3pfsF8HrWHY7Yt4_Nav
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2sUenVW9u3Ivn5XFg1qvk8tpL73HouoFifWj-iPOlBurUR86KWiFxg==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/Typescript/sanitize-html/dist/sanitize-html.min.js.minified.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/sanitize-html/dist/sanitize-html.min.js.minified.js?v10.16.5
IP 54.230.111.42:0
GET /modules/Typescript/sanitize-html/dist/sanitize-html.min.js.minified.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:13 GMT
etag: W/"bf47e83c3b180d2e907c884aeec00a86"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: O3TtRTLFudqpLBx9HgEEf4_McZmY7OzJ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R7ZyNX79NGnJCiFoIvAALlOrl3ZEmOx2fLkHXohCh7WOzgF3wWv3JA==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/libraries/bootstrap-fullscreen-select-master/css/bootstrap-fullscreen-select.css.minified.css?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/libraries/bootstrap-fullscreen-select-master/css/bootstrap-fullscreen-select.css.minified.css?v10.16.5
IP 54.230.111.42:0
GET /libraries/bootstrap-fullscreen-select-master/css/bootstrap-fullscreen-select.css.minified.css?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:05 GMT
etag: W/"dd06b822f5cddc9992b89290e1d5b892"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: _y8J37HchjvoeR18DTAjUDvZBVOk9smS
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xjlhki45bc63rF2vIsRXnLA1Z7upmBh9irkOY77j5cCmoRNiG5AjIw==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/Typescript/Form/vendor/JQuery/jquery-3.2.1.js.minified.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/Form/vendor/JQuery/jquery-3.2.1.js.minified.js?v10.16.5
IP 54.230.111.42:0
GET /modules/Typescript/Form/vendor/JQuery/jquery-3.2.1.js.minified.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:11 GMT
etag: W/"09dd64a64ba840c31a812a3ca25eaeee"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: u1WPqrhR9OzdhX4hGEIY2rNQD._lVKeN
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IzSIt1frmi5m8tp1o_MTxYDaPcQmOXvBqlTucVlZpV9WtsSQPvWJPw==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-rules.bundle.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-rules.bundle.js?v10.16.5
IP 54.230.111.42:0
GET /modules/123fb-frontend/dist/js/formView-rules.bundle.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:07 GMT
etag: W/"783439424ee0261831197bfa7747db4e"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: evRFQuXBf_fn7lh9HwhLzocXWXaoUKAU
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z9v-WQNdbwshaLkJ7sjqrarJY8HnMJjLKtm69IW2F0QltouggsdBCA==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/libraries/perfect-scrollbar/css/perfect-scrollbar.css.minified.css?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/libraries/perfect-scrollbar/css/perfect-scrollbar.css.minified.css?v10.16.5
IP 54.230.111.42:0
GET /libraries/perfect-scrollbar/css/perfect-scrollbar.css.minified.css?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:06 GMT
etag: W/"e0e629148d49af30208a775cca5a5919"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: Q25Nd7vwps1eVP29gpMyEogT46hU8IKs
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wOMZe2B9cTBv6FE8vVUAxIX8HVujsfcEn89IPO3tVYDkVGiiuripyA==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/Typescript/JQL/src/ts-module/JQL/Lexer/JQLGrammar.js.minified.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/JQL/src/ts-module/JQL/Lexer/JQLGrammar.js.minified.js?v10.16.5
IP 54.230.111.42:0
GET /modules/Typescript/JQL/src/ts-module/JQL/Lexer/JQLGrammar.js.minified.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:11 GMT
etag: W/"e503eae66f03bc43129af5385db63bfe"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: e1G_4P3P.Gllh9UVPnudMl7C2fkTkhRB
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Noueyt2pq3AsPGAo_3suISC7AITU3LJLTDH-mWa_7i0OKKXEwXAAtQ==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/123fb-frontend/dist/css/formView-index.styles.css?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/123fb-frontend/dist/css/formView-index.styles.css?v10.16.5
IP 54.230.111.42:0
GET /modules/123fb-frontend/dist/css/formView-index.styles.css?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:07 GMT
etag: W/"6772380f009bc181e85d00e15ce81de3"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: ovXrZvt2lPF4r6HyqWGr6uvafPfnG9U8
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QLl_rptUU31q8MN3cZndfTz4rxGFvlc-MdECLdhyJ-ZlBx2CIzwxog==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/libraries/bootstrap-fullscreen-select-master/js/bootstrap-fullscreen-select.min.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/libraries/bootstrap-fullscreen-select-master/js/bootstrap-fullscreen-select.min.js?v10.16.5
IP 54.230.111.42:0
GET /libraries/bootstrap-fullscreen-select-master/js/bootstrap-fullscreen-select.min.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:05 GMT
etag: W/"4d3fb15c4f404c96db32b580877e89d1"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: gmPIWT1WiTh9KFXQAqDpwHsR.X4ZJV3T
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fisCWpN-C0Jkm8KajDdZI66IYsTtRZlCI2vz2ALBgJUUv4RUWjfrrQ==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-vendors.bundle.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-vendors.bundle.js?v10.16.5
IP 54.230.111.42:0
GET /modules/123fb-frontend/dist/js/formView-vendors.bundle.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:07 GMT
etag: W/"2ef2a51466b28bfc2a873ff71363b274"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: XsQT3e2EnWD_ScDgf8AWY7ZNW7tr5XaF
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x0VjXAZnqTdQ02-iBGTe3_odRfbFtk1dhNYpR3WQH-2yeQQaUt9PEg==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-index.bundle.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-index.bundle.js?v10.16.5
IP 54.230.111.42:0
GET /modules/123fb-frontend/dist/js/formView-index.bundle.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:07 GMT
etag: W/"65dfe4496e73eea878282ea74623f2a9"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: CNK94fnMoTK5u9uAESE9739ujsDzqLfF
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GHz4jr7Mng_teGZsDwIq5TtfPMqLRuvhDSPwvYCJalN6DDe42y7vgQ==
age: 62656
X-Firefox-Spdy: h2
www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3557-scaled.jpg
173.230.139.99200 OK 0 B URL HTTP/1.1 www.midwayestates.com/wp-content/uploads/sites/65/2022/06/7O0A3557-scaled.jpg
IP 173.230.139.99:0
GET /wp-content/uploads/sites/65/2022/06/7O0A3557-scaled.jpg HTTP/1.1
Host: www.midwayestates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.midwayestates.com/
Cookie: _ga_ZD78G3NY4Q=GS1.1.1679383885.1.0.1679383885.0.0.0; _ga=GA1.1.174757147.1679383885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 21 Mar 2023 07:31:23 GMT
Content-Type: image/jpeg
Content-Length: 1224246
Last-Modified: Wed, 15 Jun 2022 16:25:29 GMT
Connection: keep-alive
ETag: "62aa07f9-12ae36"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
cdn.123formbuilder.com/modules/Typescript/Form/css/mobile-app.css.minified.css?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/Typescript/Form/css/mobile-app.css.minified.css?v10.16.5
IP 54.230.111.42:0
GET /modules/Typescript/Form/css/mobile-app.css.minified.css?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:10 GMT
etag: W/"a939aa207aeb26916e1d9f0ccb7cf888"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: nofFKHZOCYUB_VPqW_77VTtVfrLqukeu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V87Ker97vitRk2wStC66gSwtjw3JUPvc0BxJxWb4zDYAceLrI1lBPQ==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/libraries/perfect-scrollbar/js/perfect-scrollbar.jquery.js.minified.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/libraries/perfect-scrollbar/js/perfect-scrollbar.jquery.js.minified.js?v10.16.5
IP 54.230.111.42:0
GET /libraries/perfect-scrollbar/js/perfect-scrollbar.jquery.js.minified.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:06 GMT
etag: W/"077057f0b82448367d5f8085f6efeff8"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: 5eVXuT9AjJVjzbwQSlNOYA7LHXSeuPzb
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DzN_4QE8xu6Vs4H4XvQbAS_IlRFq-aTKZ3Jwf0suAjXzhTJO6aB8mQ==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/captainform/js/iframe_resizer/3.6/iframeResizer.contentWindow.min.js.minified.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/captainform/js/iframe_resizer/3.6/iframeResizer.contentWindow.min.js.minified.js?v10.16.5
IP 54.230.111.42:0
GET /modules/captainform/js/iframe_resizer/3.6/iframeResizer.contentWindow.min.js.minified.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:15 GMT
etag: W/"8ff99c0ab77c8b3a9327e27b0e13e6f7"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: fp02.y7sOHQXPqr7fFOvZUo7P6z6N9oM
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bjo6RGN4fCae1H2vkEQU_D7u7eD7ftyLQ_4OZrJ1r76CpsR25Tezng==
age: 62656
X-Firefox-Spdy: h2
cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-commons.bundle.js?v10.16.5
54.230.111.42200 OK 0 B URL HTTP/2 cdn.123formbuilder.com/modules/123fb-frontend/dist/js/formView-commons.bundle.js?v10.16.5
IP 54.230.111.42:0
GET /modules/123fb-frontend/dist/js/formView-commons.bundle.js?v10.16.5 HTTP/1.1
Host: cdn.123formbuilder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.123formbuilder.com/
Cookie: PHPSESSID-US=c8sqs7r7h0kiv3o1u9pt9flvu6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 14:07:08 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Mar 2023 14:01:07 GMT
etag: W/"7c2904f0b26e319121bd014ea6a16602"
x-amz-server-side-encryption: AES256
cache-control: max-age=2419200, public
x-amz-version-id: YIFObBYDtJEFFCqdCpKmAiP3hs6a13Ws
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _-UIu24cl_dQfPJ5gdw9lVxu3e-e6wmR6iC7qYgwcvyOY_FVvkyzSg==
age: 62656
X-Firefox-Spdy: h2