Report - stpaulfirefoundation.org/vnm/vb/login.php

Report Overview

Submitted URL
stpaulfirefoundation.org/vnm/vb/login.php
IP
198.71.190.156
ASN
#398101 GO-DADDY-COM-LLC
Submitted
2022-09-26 18:21:17
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.242.3.166
img1.wsimg.com	9893	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	888 B	23.36.79.16
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	46 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	20 kB	142.250.74.174
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	518 B	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.22
stpaulfirefoundation.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	397 kB	198.71.190.156
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	43 kB	142.250.74.72
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
img6.wsimg.com	15438	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	819 B	20 kB	23.36.79.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	stpaulfirefoundation.org/vnm/vb/login.php	Phishing
2022-09-26	medium	stpaulfirefoundation.org/vnm/vb/login.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js	46 kB	2023-03-07	2023-10-15
Pretty URL img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2023-10-15 17:43:59 Times Seen9 Hash 362d20193a8fed115f99b16a157b7fc4 011964518b319a5aa479bf5c38bb8e15dd56138e 6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7 Loading...

	stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1	16 kB	2023-03-07	2024-05-05
Pretty URL stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-05 17:31:23 Times Seen1190 Hash 78f792b41dfe4097675e09e805529455 57cc1e04e0235d54bc197945b9d0f167d9454244 ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143 Loading...

	stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-05-07
Pretty URL stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-07 18:09:18 Times Seen38210 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	stpaulfirefoundation.org/	369 B	2023-03-07	2024-05-03
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-03 13:57:03 Times Seen700 Hash 199d3f2d880a45cb76f4d355f5edf5ed e7a478ac7c81b36e22894fd2be69085c6dba81d8 38db327084e1b800d3f263fe22995a999545eb07b01fa350bc2453f940fa8795 Loading...

	stpaulfirefoundation.org/	509 B	2023-03-08	2023-03-08
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:52:59 Last Seen2023-03-08 01:52:59 Times Seen1 Hash 6b651c3cd4bdcf6de7fbea337f47efac 21ec6e6da119d4f2c45947de4f68885f3c2727c8 cedef746f0139524bc3fb3413569e398798fe7330db7e723cac34c5db3ac38e9 Loading...

	www.google-analytics.com/plugins/ua/linkid.js	1.6 kB	2023-03-07	2024-05-06
Pretty URL www.google-analytics.com/plugins/ua/linkid.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-06 13:19:47 Times Seen1993 Hash 0cc3a63fe10060af4a349e5df666eefe 3e8d3925b550345123f2cab26568221fd4154f9c 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Loading...

	stpaulfirefoundation.org/	5.6 kB	2023-03-08	2023-03-26
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-26 11:32:20 Times Seen2 Hash de294c61ee512000e7493c1711979cde f09bfade5231e48f1b0896b365747647e1d599fc 49d6d6a7179b624463a7d9e1e39ef8d0f902e903df553bdf3ef8626bcb285624 Loading...

	www.googletagmanager.com/gtag/js?id=UA-153487811-14	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-153487811-14 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:52:59 Last Seen2023-03-08 01:52:59 Times Seen1 Hash 475b9a0c0e7e6026e656628e61d17fa1 b23091cfa03dfe364f75a15cba4ae2e920b634e4 fb56cee81a3c24374fc07fc611eec6b796892341980e5976b6aa005a127dd27e Loading...

	stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2	12 kB	2023-03-07	2024-05-04
Pretty URL stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:48 Last Seen2024-05-04 08:56:20 Times Seen5607 Hash a76f61318af036823b08d73536486be6 31ff9b215dcef9151b9f4fc50ea91a9df1962102 abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Loading...

	stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-05-08
Pretty URL stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-08 00:54:49 Times Seen32058 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-08
Pretty URL stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-08 00:54:49 Times Seen69108 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	stpaulfirefoundation.org/	2.2 kB	2023-03-08	2023-03-08
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-08 01:52:59 Times Seen1 Hash bd977b7e9b5c4769f79b73453dfbb156 3fec97844cfae3d2f7fc7e32dd2de5a016bb8188 5956ebc38714aa5399f56396f2a920116320f0d0856041e7915a25f289f1394d Loading...

	stpaulfirefoundation.org/	379 B	2023-03-08	2023-03-26
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-26 11:32:20 Times Seen2 Hash dc836f2f77b2dac527368174f8a06945 a98d942b1594235639bbce08fb916f3787a99538 eb1c4f1dc143f360fd7418a7de5ca3894e0872795d12934b87523873ad18ae83 Loading...

	stpaulfirefoundation.org/	215 B	2023-03-07	2024-05-07
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-07 08:40:35 Times Seen2256 Hash 1bb7b821b587959d4c0cc406c49077ff 2cb4827d5cd5a05729418b369019b9c1eb0798ed 1f93a5f6091369b8b6cdb7be01a6c7044ec8c3af0eeac05a5f0dfb3aea2a3e31 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	stpaulfirefoundation.org/	102 B	2023-03-07	2024-05-07
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-07 17:48:30 Times Seen6798 Hash 336b4b067dcb50351d5e2d7c92cf1631 9709109f27eaad0c5a1e50facc142f8f197a11b6 ef2f7f28db32250196ae2c8242611a7f7159c2a539dabd40b82071b1c07561c6 Loading...

	img1.wsimg.com/traffic-assets/js/tccl-tti.min.js	25 kB	2023-03-07	2024-02-02
Pretty URL img1.wsimg.com/traffic-assets/js/tccl-tti.min.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-02-02 18:24:37 Times Seen8238 Hash ce554d2333f3801abafb32da18213ff7 ef2b32494849244d9b9d8c23178e082cec9eab7f 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312 Loading...

	stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1	160 kB	2023-03-07	2024-03-21
Pretty URL stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:31 Last Seen2024-03-21 14:43:11 Times Seen107 Hash 9da4dc3cac95cbcfdcea35bc1f9b916e ab1be13f2b56bd6c3960543e6d79eddc456e13f7 4c2679ba71cd1e1cde5921cc43c8ffbaa524a86a907dd46c08e3b2d394511c49 Loading...

	stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10	6.2 kB	2023-03-07	2024-05-03
Pretty URL stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-03 08:12:04 Times Seen830 Hash b739d72c47c93702aef206eb58857289 fdc2a712672c64f317df41073aec28d7b01a5e6e dcbe862273a5d7cb61ffaa1eda7e0a1ecb466ca5e08a592fae3e6d1824960293 Loading...

	stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-05-08
Pretty URL stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-05-08 00:40:15 Times Seen27596 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	stpaulfirefoundation.org/	727 B	2023-03-08	2023-03-26
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-26 11:32:20 Times Seen2 Hash 688060ee85d81ff9dec46299301ab3f8 71e82aa0dc61edfb62060b6a73d874b45e44b9ae d27bed01ff59d22e3f730ecf21d130bc14a405ca001f9316044bbdbf2db033ac Loading...

	stpaulfirefoundation.org/	589 B	2023-03-07	2024-05-07
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-05-07 05:00:04 Times Seen349 Hash 3a9846d5452eae5ba3ea77211d93d43e 0865571280ff437d40eacc8b0a2beeefdaaa4db9 107b854fc832809a763ca32c4e379f3da6a9a96fce0152e377972bc5905cb70c Loading...

HTTP Transactions (64)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15792
Expires: Mon, 26 Sep 2022 22:44:18 GMT
Date: Mon, 26 Sep 2022 18:21:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 18:15:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fwxCkxhXSjRuwu4Pbp0PAmHFPr1E_n_wej4TwWSuhMgpU6Od91apBQ==
Age: 347

stpaulfirefoundation.org/vnm/vb/login.php

198.71.190.156

301 Moved Permanently

212 B

URL HTTP/1.1
stpaulfirefoundation.org/vnm/vb/login.php
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
212 B (212 bytes)
Hash
b79890f627e67a03e47c4fc78964ed14
c6b9c4d77e80dc4f0711e6576d29f3eb6d4845e9
2108677fba247a71a96f97fc361621f77edb91f61c8f5d442cf3ec68a33e2fa7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vnm/vb/login.php HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Age: 64408
Content-Encoding: gzip
Content-Length: 212
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 26 Sep 2022 00:27:37 GMT
Location: https://stpaulfirefoundation.org/vnm/vb/login.php
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2991
Expires: Mon, 26 Sep 2022 19:10:57 GMT
Date: Mon, 26 Sep 2022 18:21:06 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: T3luffM7SnVRBw7V+OM5L2ZRqZh6E8zZov2bMSEgQaZp5V6zkS5lmR+fgd7aMtJTx+hHmFnVo44=
x-amz-request-id: XF0YD6WF5EXQEH7K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 17:46:25 GMT
age: 2081
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 18:21:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
13a5fcfcf19e361c9dbaff72a013ce61
e9fbee65f9746e038cb228e1424e04f7ec39f540
ea450fdf1425a0fc5d87e435f372bd18a5c429a2b10799dab142c815f5ef26c9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 26 Sep 2022 18:21:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 15:35:00 GMT
Expires: Tue, 27 Sep 2022 15:35:00 GMT
ETag: "e9fbee65f9746e038cb228e1424e04f7ec39f540"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 18:10:46 GMT
Expires: Mon, 26 Sep 2022 18:33:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C9sDH-S0Mp1WOvhrRJjEP_Y5LoWqOKuwEJ7zUUkUX2_sHmGI-PAbVg==
Age: 621

stpaulfirefoundation.org/vnm/vb/login.php

198.71.190.156

301 Moved Permanently

0 B

URL HTTP/2
stpaulfirefoundation.org/vnm/vb/login.php
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vnm/vb/login.php HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: openresty
date: Mon, 26 Sep 2022 18:21:07 GMT
content-type: text/html; charset=UTF-8
content-length: 0
age: 84541
cache-control: no-cache, must-revalidate, max-age=0
content-security-policy: upgrade-insecure-requests
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://stpaulfirefoundation.org
strict-transport-security: max-age=300
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1367
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:07 GMT
Last-Modified: Mon, 26 Sep 2022 17:58:21 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

stpaulfirefoundation.org/

198.71.190.156

200 OK

22 kB

URL HTTP/2
stpaulfirefoundation.org/
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
22 kB (22036 bytes)
Hash
893a29b382d7db2bf4813aad9370f119
1330438e57841f099c3ae6335934fc1df2fb5b03
ffdd33dfcb0c5f5e3d9f61ddc7697afc8689601e2ffea65e021e781de069dc9d

HTTP Headers

GET / HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:07 GMT
content-type: text/html; charset=UTF-8
content-length: 22036
accept-ranges: bytes
age: 3948
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.242.3.166

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.3.166:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xe29JUmxZ7ZNKAgWRAwbqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UG4swEn4uWVNOb1X+lJbGrbYEDQ=

img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

23.36.79.16

302 Found

0 B

URL HTTP/2
img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Mon, 26 Sep 2022 18:51:07 GMT
date: Mon, 26 Sep 2022 18:21:07 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

23.36.79.16

302 Found

0 B

URL HTTP/2
img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl-tti.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
cache-control: max-age=1800
expires: Mon, 26 Sep 2022 18:51:08 GMT
date: Mon, 26 Sep 2022 18:21:08 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/traffic-assets/js/tccl.min.js

23.36.79.16

302 Found

0 B

URL HTTP/2
img1.wsimg.com/traffic-assets/js/tccl.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stpaulfirefoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Mon, 26 Sep 2022 18:51:08 GMT
date: Mon, 26 Sep 2022 18:21:08 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

23.36.79.16

200 OK

7.5 kB

URL HTTP/2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (24676)
Size
7.5 kB (7498 bytes)
Hash
b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492

HTTP Headers

GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stpaulfirefoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Mon, 17 Jan 2022 17:21:37 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 357
x-amz-id-2: nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
x-amz-request-id: RJ3J3PMANG6125DE
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Mon, 26 Sep 2022 18:21:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

23.36.79.16

200 OK

11 kB

URL HTTP/2
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (45500)
Size
11 kB (11155 bytes)
Hash
1ac00b5d5abfa64175a140de3f29a8e2
c07c5611cfff3ec4c7034134e4148f177242908c
65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378

HTTP Headers

GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stpaulfirefoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
x-edgeconnect-midmile-rtt: 15, 15
x-edgeconnect-origin-mex-latency: 135, 135
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Mon, 26 Sep 2022 18:21:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-153487811-14

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-153487811-14
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42210 bytes)
Hash
1aefce9d997da2e5dafc787eda35f07d
1033723d275f24604eb6a8da2056681c06b9b3cd
937aa41a37538b82c11405f9b0aaacbd222019bcc893aa6dd77cda363a626ed6

HTTP Headers

GET /gtag/js?id=UA-153487811-14 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 18:21:08 GMT
expires: Mon, 26 Sep 2022 18:21:08 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

198.71.190.156

200 OK

12 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (43771)
Size
12 kB (11681 bytes)
Hash
e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: text/css
content-length: 11681
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "15b64-5e90562bcb421-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.10

198.71.190.156

200 OK

564 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.10
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1682), with no line terminators
Size
564 B (564 bytes)
Hash
6205092ad27790a14eed0ea9cf67d3d9
60940a311152a9f199bfba9a30b3aa2a96adb574
faafc2df9989625a6a3a1af4a3f31eef0f33f5c496e43278e14ea30a08403ac7

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.10 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: text/css
content-length: 564
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "692-5e8cd5d744b62-gzip"
last-modified: Fri, 16 Sep 2022 15:53:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12

198.71.190.156

200 OK

161 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (327)
Size
161 B (161 bytes)
Hash
b99e67fe7419c667a1d0236a1823a1f6
6e8bf1cbcac35ea75637be52099b2de73dba7c7d
38be94774abf0e8cfe78738ff13d9c6323f92fc4df3acbb6423a8d44f64a66b7

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: text/css
content-length: 161
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "148-5b6ad540897c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1

198.71.190.156

200 OK

31 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31417 bytes)
Hash
8c9649b6fcda19aa25072ac4f02fb351
39958c209853396f76486ed5c441954d8e077f04
7c99d0b83c76494686a0cdbefbfc9f0b869e51a325c7e3ea2f9b805ddca37599

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: text/css
content-length: 31417
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2a3e5-5b6ad540897c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome-child/style.css?ver=3.0

198.71.190.156

200 OK

211 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome-child/style.css?ver=3.0
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
211 B (211 bytes)
Hash
cf04568241f593ca0756d8cc3eca79a1
d4a11a9168b686e936267bbb2a13a20d78768832
5d00bfafd7eaf2282efb87bf13ec66f5840cfd9bf968a331d3bb3d31e73673b7

HTTP Headers

GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: text/css
content-length: 211
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "12f-5a40ae8f8a27c-gzip"
last-modified: Fri, 24 Apr 2020 15:20:48 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2

198.71.190.156

200 OK

3.2 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1577)
Size
3.2 kB (3246 bytes)
Hash
c34cd9056898ce3e7925aadfcccde46a
9ce2c46a7477b6da5dd635e5692d260ee02b7415
0bfed6a25c6d1ef5549ef4fc25cee8a871fdd6b85235bf61e2eb2830dbbc1294

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 3246
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2e7a-5e8cd5d435403-gzip"
last-modified: Fri, 16 Sep 2022 15:53:34 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

198.71.190.156

200 OK

31 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65447)
Size
31 kB (30908 bytes)
Hash
9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 30908
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "15db1-5e90562c64d36;5a240e4da4f7b
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

198.71.190.156

200 OK

4.2 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 4169
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2bd8-5e90562c639ae-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2

198.71.190.156

200 OK

706 B

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1464)
Size
706 B (706 bytes)
Hash
e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 706
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "5db-5e90562c318e2-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1

198.71.190.156

200 OK

5.1 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (12801)
Size
5.1 kB (5106 bytes)
Hash
c6f36881e478d749d49956a0ac121d1e
515be595d70805e7f9a3099c75fa40e9c9edc131
5ced2bca148339c2dfd7efb910eca401b02734bada4b12060cd129b2b1afa034

HTTP Headers

GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 5106
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "3e04-5b6ad5482a9c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:47 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

198.71.190.156

200 OK

5.0 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 5009
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "48b9-5e90562c76a60-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1

198.71.190.156

200 OK

45 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (21487)
Size
45 kB (45240 bytes)
Hash
395bb0dbbc1d7edc8833ff1b386b6d5a
1234aedc5ab1fd23bbf1a32fb45a702a5834e285
951f4154cf420de2f02c44356dcf6d3bdb6e40b6b6f30d1e34cd79b0008ed4cb

HTTP Headers

GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 45240
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "26f11-5b6ad540897c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10

198.71.190.156

200 OK

2.6 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (6210), with no line terminators
Size
2.6 kB (2559 bytes)
Hash
dfcc74301f163fabd32e3256b91ba54e
3e861de3c9a7d5638eb7da2274f50274cde6cc0c
0611e07de6e96239da5373ee60ec187406e535614413b431c823fa3c21ecf8d7

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: application/javascript
content-length: 2559
accept-ranges: bytes
age: 171248
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "1842-5e8cd5d742c22-gzip"
last-modified: Fri, 16 Sep 2022 15:53:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-red.png

198.71.190.156

200 OK

30 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-red.png
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 1438 x 773, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30073 bytes)
Hash
fba114f39f7e6b81d7fb080394ec30e3
cc6971991578001246603f18b4009ecb835de0b6
0414bf36c32f4cc7872dc452c07b13d85d1fed04dd1138f522411d4bce53e2bb

HTTP Headers

GET /wp-content/uploads/2020/11/spff-logo-initials-notagline-red.png HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: image/png
content-length: 30073
accept-ranges: bytes
age: 171248
content-security-policy: upgrade-insecure-requests
etag: "7579-5b51bee75df40"
last-modified: Fri, 27 Nov 2020 19:47:33 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-white.png

198.71.190.156

200 OK

29 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-white.png
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 1438 x 773, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (29262 bytes)
Hash
e66d9a3c6015b356d4f9d9fd73557083
6c43dc7c4db383af14319ef4ee4c35fa53559992
ad6274c1cca57acb53b9117a12a97119eb371b37ad00125d3f351f5d6e5507cd

HTTP Headers

GET /wp-content/uploads/2020/11/spff-logo-initials-notagline-white.png HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: image/png
content-length: 29262
accept-ranges: bytes
age: 171248
content-security-policy: upgrade-insecure-requests
etag: "724e-5b51b8c786c40"
last-modified: Fri, 27 Nov 2020 19:20:09 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:40:23 GMT
expires: Thu, 21 Sep 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 427245
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:53:39 GMT
expires: Tue, 19 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 602849
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2

142.250.74.163

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10444, version 1.0\012- data
Size
10 kB (10444 bytes)
Hash
35b05af911a7a688519ba464dfc04bc5
fcd385af42e89d0a72d676efce05c79086407e14
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d

HTTP Headers

GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 16:33:38 GMT
expires: Mon, 25 Sep 2023 16:33:38 GMT
cache-control: public, max-age=31536000
age: 92850
last-modified: Wed, 27 Apr 2022 15:44:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2

198.71.190.156

200 OK

6.5 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
Web Open Font Format (Version 2), TrueType, length 6536, version 1.0\012- data
Size
6.5 kB (6536 bytes)
Hash
21c4c69602dadee988f10c502b44d1c1
7d28ed1775492300f859296ef85ce371c26a6ff3
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:08 GMT
content-type: font/woff2
content-length: 6536
accept-ranges: bytes
access-control-allow-origin: *
age: 171249
content-security-policy: upgrade-insecure-requests
etag: "1988-5b6ad540897c0"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18609
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 18:21:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18609
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 18:21:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18609
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 18:21:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qvSIyV7uvUzXFn6Sw3izoZxQoFbmyRzQ9WKl33D7fNTcuV6WXTzD9Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:01:28 GMT
age: 47981
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5157 bytes)
Hash
2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 72653
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11728 bytes)
Hash
968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 70273
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 72029
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13584 bytes)
Hash
2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 73398
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10318 bytes)
Hash
a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:02:10 GMT
age: 73139
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 16:41:09 GMT
expires: Mon, 26 Sep 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 6000
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-192x192.jpg

198.71.190.156

200 OK

14 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-192x192.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 192x192, components 3\012- data
Size
14 kB (13785 bytes)
Hash
55c4d2c85593166f2a99474b20cc85a8
57d615c1639291eac043acd4ccd1ac71f803ec10
d3649b00c0f92a1deb363b53a95e0c92f73da64925b92c5407c736a8fa667974

HTTP Headers

GET /wp-content/uploads/2020/11/cropped-social-media-profile-image-192x192.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=2b7e1399-3391-5f9f-952e-65c6919aa3f6; _tccl_visit=2b7e1399-3391-5f9f-952e-65c6919aa3f6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:09 GMT
content-type: image/jpeg
content-length: 13785
accept-ranges: bytes
age: 155218
content-security-policy: upgrade-insecure-requests
etag: "35d9-5b51bfa61a140"
last-modified: Fri, 27 Nov 2020 19:50:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-32x32.jpg

198.71.190.156

200 OK

5.0 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-32x32.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3\012- data
Size
5.0 kB (5027 bytes)
Hash
48e7ba0d1fd0eee00daec8d4bed80640
763284c048ff5a088cb322f0a6618cae08642c66
c982046cfafa60ec826d7e88c3f20049d067cffa11c60a504500c3a68cb0a93d

HTTP Headers

GET /wp-content/uploads/2020/11/cropped-social-media-profile-image-32x32.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=2b7e1399-3391-5f9f-952e-65c6919aa3f6; _tccl_visit=2b7e1399-3391-5f9f-952e-65c6919aa3f6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:09 GMT
content-type: image/jpeg
content-length: 5027
accept-ranges: bytes
age: 155222
content-security-policy: upgrade-insecure-requests
etag: "13a3-5b51bfa61a140"
last-modified: Fri, 27 Nov 2020 19:50:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-emotionaltrauma.jpg

198.71.190.156

200 OK

134 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-emotionaltrauma.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 872x872, components 3\012- data
Size
134 kB (133629 bytes)
Hash
3ff2139437624f93e7bdf4aa9e2e96c3
3ab9595d8af781d4c7664ba99dff5f610a0b2c8f
f9184c8703fe37b3c6623aa0f91b67e70bf0ac390658434eab95a3918acd2c50

HTTP Headers

GET /wp-content/uploads/2020/12/spff-whatwedo-emotionaltrauma.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:10 GMT
content-type: image/jpeg
content-length: 133629
accept-ranges: bytes
age: 171249
content-security-policy: upgrade-insecure-requests
etag: "209fd-5b635c23f3f00"
last-modified: Fri, 11 Dec 2020 20:01:32 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Titillium+Web%3Aregular%2C900%7COpen+Sans%3Aregular%2Cregular%7CRoboto%3Aregular%2C900%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Titillium+Web%3Aregular%2C900%7COpen+Sans%3Aregular%2Cregular%7CRoboto%3Aregular%2C900%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Titillium+Web%3Aregular%2C900%7COpen+Sans%3Aregular%2Cregular%7CRoboto%3Aregular%2C900%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 18:21:08 GMT
date: Mon, 26 Sep 2022 18:21:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-hero-blog.jpg

198.71.190.156

200 OK

0 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-hero-blog.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/12/spff-hero-blog.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:13 GMT
content-type: image/jpeg
content-length: 143735
accept-ranges: bytes
age: 171249
content-security-policy: upgrade-insecure-requests
etag: "23177-5b635c5867ac0"
last-modified: Fri, 11 Dec 2020 20:02:27 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2021/08/sly-dizzle-cE6SpYTfqqg-unsplash-1024x768.jpg

198.71.190.156

200 OK

0 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2021/08/sly-dizzle-cE6SpYTfqqg-unsplash-1024x768.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2021/08/sly-dizzle-cE6SpYTfqqg-unsplash-1024x768.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:13 GMT
content-type: image/jpeg
content-length: 143123
accept-ranges: bytes
age: 171249
content-security-policy: upgrade-insecure-requests
etag: "22f13-5ca509bb6e577"
last-modified: Tue, 24 Aug 2021 16:27:22 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/08/stpaul-firewire-051720-1024x647.jpg

198.71.190.156

200 OK

0 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/08/stpaul-firewire-051720-1024x647.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/08/stpaul-firewire-051720-1024x647.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=2b7e1399-3391-5f9f-952e-65c6919aa3f6; _tccl_visit=2b7e1399-3391-5f9f-952e-65c6919aa3f6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:12 GMT
content-type: image/jpeg
content-length: 114376
accept-ranges: bytes
age: 171249
content-security-policy: upgrade-insecure-requests
etag: "1bec8-5adc911d8b5c0"
last-modified: Wed, 26 Aug 2020 14:59:43 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-cancer.jpg

198.71.190.156

200 OK

0 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-cancer.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/12/spff-whatwedo-cancer.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:10 GMT
content-type: image/jpeg
content-length: 257467
accept-ranges: bytes
age: 171249
content-security-policy: upgrade-insecure-requests
etag: "3edbb-5b635c0940000"
last-modified: Fri, 11 Dec 2020 20:01:04 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2021/12/Thomson-Reuters-Awards-10000-to-Support-First-Responders-to-Pandemic-3-1536x864.png

198.71.190.156

200 OK

0 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2021/12/Thomson-Reuters-Awards-10000-to-Support-First-Responders-to-Pandemic-3-1536x864.png
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2021/12/Thomson-Reuters-Awards-10000-to-Support-First-Responders-to-Pandemic-3-1536x864.png HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:21:11 GMT
content-type: image/png
content-length: 1055538
accept-ranges: bytes
age: 171248
content-security-policy: upgrade-insecure-requests
etag: "101b32-5d33690c1e097"
last-modified: Wed, 15 Dec 2021 22:09:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations