Overview

URLwww.endapest.com.au/mudgee
IP 194.1.147.54 (United States)
ASN#210250 K Media Tech Ltd.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 20:22:07 UTC
StatusLoading report..
IDS alerts0
Blocklist alert18
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-11-29 07:36:52 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-29 09:35:58 UTC 142.250.74.106
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
www.endapest.com.au (37) 0 2015-11-21 08:56:06 UTC 2022-11-29 11:55:15 UTC 194.1.147.73 Unknown ranking
ocsp.pki.goog (10) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.208.34.131
www.googletagmanager.com (2) 75 2013-05-22 02:07:37 UTC 2022-11-29 06:48:06 UTC 142.250.74.168
maps.google.com (1) 1899 2016-05-21 18:40:38 UTC 2022-11-29 08:52:32 UTC 142.250.74.46
maps.gstatic.com (1) 0 2016-01-11 16:55:17 UTC 2022-11-29 06:13:28 UTC 142.250.74.3 Domain (gstatic.com) ranked at: 540
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-29 09:16:29 UTC 142.250.74.132
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-29 08:33:49 UTC 216.239.38.178
r3.o.lencr.org (5) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.comodoca.com (1) 1696 2012-05-21 07:01:17 UTC 2021-12-08 16:29:47 UTC 172.64.155.188
endapest.com.au (4) 0 2013-10-30 11:54:46 UTC 2022-10-27 19:06:53 UTC 194.1.147.73 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 www.endapest.com.au/mudgee Phishing
2022-11-29 2 www.endapest.com.au/mudgee Phishing
2022-11-29 2 www.endapest.com.au/wp-content/plugins/google-analytics-for-wordpress/asset (...) Phishing
2022-11-29 2 www.endapest.com.au/wp-includes/js/jquery/jquery-migrate.min.js Phishing
2022-11-29 2 www.endapest.com.au/wp-content/cache/autoptimize/js/autoptimize_single_dc74 (...) Phishing
2022-11-29 2 www.endapest.com.au/wp-content/cache/autoptimize/js/autoptimize_single_1f99 (...) Phishing
2022-11-29 2 www.endapest.com.au/wp-includes/js/jquery/ui/core.min.js Phishing
2022-11-29 2 www.endapest.com.au/wp-content/plugins/wp-retina-2x/app/picturefill.min.js Phishing
2022-11-29 2 www.endapest.com.au/wp-includes/js/hoverIntent.min.js Phishing
2022-11-29 2 www.endapest.com.au/wp-content/cache/autoptimize/js/autoptimize_single_0917 (...) Phishing
2022-11-29 2 www.endapest.com.au/wp-content/cache/autoptimize/js/autoptimize_single_166f (...) Phishing
2022-11-29 2 www.endapest.com.au/wp-includes/js/jquery/jquery.min.js Phishing
2022-11-29 2 www.endapest.com.au/wp-content/uploads/fusion-scripts/84accb45cd0b601d7e951 (...) Phishing
2022-11-29 2 www.endapest.com.au/wp-content/themes/Avada/includes/lib/assets/fonts/fonta (...) Phishing
2022-11-29 2 www.endapest.com.au/wp-json/contact-form-7/v1/contact-forms/1884/feedback/schema Phishing
2022-11-29 2 www.endapest.com.au/wp-content/themes/Avada/includes/lib/assets/fonts/icomo (...) Phishing
2022-11-29 2 www.endapest.com.au/mudgee/ Phishing
2022-11-29 2 www.endapest.com.au/wp-json/contact-form-7/v1/contact-forms/1339/feedback/schema Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 194.1.147.54
Date UQ / IDS / BL URL IP
2022-11-29 20:22:07 +0000 0 - 0 - 18 www.endapest.com.au/mudgee 194.1.147.54


Last 5 reports on ASN: K Media Tech Ltd.
Date UQ / IDS / BL URL IP
2023-02-01 21:06:59 +0000 0 - 0 - 0 smallenvelop.com 194.1.147.82
2023-01-31 03:03:35 +0000 0 - 1 - 0 www.attorneykennugent.com/ 194.1.147.47
2023-01-17 02:58:02 +0000 0 - 1 - 0 www.florenceah.com/ 194.1.147.92
2023-01-14 01:49:32 +0000 0 - 0 - 6 blogdecachorros.com/caes-com-baixa-manutencao/ 194.1.147.50
2023-01-13 20:18:26 +0000 0 - 2 - 2 cancatseat.com/turkey/ 194.1.147.24


Last 1 reports on domain: endapest.com.au
Date UQ / IDS / BL URL IP
2022-11-29 20:22:07 +0000 0 - 0 - 18 www.endapest.com.au/mudgee 194.1.147.54


No other reports with similar screenshot

JavaScript

Executed Scripts (43)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (82)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4495
Expires: Tue, 29 Nov 2022 21:36:50 GMT
Date: Tue, 29 Nov 2022 20:21:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3737
Cache-Control: max-age=141093
Date: Tue, 29 Nov 2022 20:21:55 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:33:28 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16249
Expires: Wed, 30 Nov 2022 00:52:44 GMT
Date: Tue, 29 Nov 2022 20:21:55 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 20:19:38 GMT
cache-control: public,max-age=3600
age: 137
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: zmRe/B1mACZ9o/7asWW+0PFS/jPP+hLvxlqk9zT2sabDzZQr8PiEJpUWu4dkX5ASIysMgf5ZM3j7vyEgKQ+Bcg==
x-amz-request-id: N4MDGS8ZYE178WK9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 19:45:35 GMT
age: 2180
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 20:21:55 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mudgee HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         194.1.147.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 29 Nov 2022 20:21:55 GMT
Content-Length: 0
Connection: keep-alive
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
location: https://www.endapest.com.au/mudgee
cache-control: public, max-age=3600
expires: Tue, 29 Nov 2022 21:21:55 GMT
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
x-turbo-charged-by: LiteSpeed
X-Edge-Location: WPX CLOUD/NOR01
Server: WPX CLOUD/NOR01
X-Cache-Status: MISS


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 20:08:56 GMT
cache-control: public,max-age=3600
age: 779
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 01:38:43 GMT
Expires: Mon, 05 Dec 2022 01:38:42 GMT
Etag: "c569dca898878f6cd125b48a0d4ade2f4c35dec7"
Cache-Control: max-age=450406,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771e0d6fbf84b521-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5465
Date: Tue, 29 Nov 2022 20:21:56 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /mudgee HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         194.1.147.73
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:56 GMT
content-length: 0
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
location: https://www.endapest.com.au/mudgee/
cache-control: public, max-age=3600
expires: Tue, 29 Nov 2022 21:21:56 GMT
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mvKR449AGhha4wK+mTNZdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.208.34.131
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xse1jlhOIf1Oa6kxKf8LAe9bEYg=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-10752109-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 20:21:56 GMT
expires: Tue, 29 Nov 2022 20:21:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43720
Md5:    44fbad0d80cdae8a7e6cdc1de4e0bc1e
Sha1:   0499e136db1a8266655e896c20115a1e32b71536
Sha256: d69dfbab281e1fa0a42530d4d2124bc80cd19f6a29c34269d5826a22808a3bde
                                        
                                            GET /gtag/js?id=UA-50628263-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 20:21:56 GMT
expires: Tue, 29 Nov 2022 20:21:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43724
Md5:    40d15fc09257fb16339f7b25e3567cf2
Sha1:   5e09600a05cac328fd5ad0a72342bc2581545ac5
Sha256: 7df8dadc319aed69a8ceb8f364f6f24cb96967f7db12805bca45c928b74a475c
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:56 GMT
content-length: 3016
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:56 GMT
last-modified: Thu, 10 Nov 2022 14:59:31 GMT
etag: "2e7a-636d11d3-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1577)
Size:   3016
Md5:    f9bd58ff6ff8b6d519f6bedfd8466af2
Sha1:   058a2339d68391def5388ec52f38ab89ee06d877
Sha256: 7b854fbfa48aecfb3cbc79b884fb79385f08fbc994bf60269a68424c18e9958a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 3995
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 12 Nov 2022 09:36:54 GMT
etag: "2bd8-636f6936-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/wpcf7_captcha/3311935808.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 1074
last-modified: Fri, 18 Feb 2022 13:00:20 GMT
etag: "d1e-620f9864-5a63d44f92619af7;br"
content-encoding: br
vary: User-Agent, Accept-Encoding
wpx: 1,1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
cache-control: public,max-age=10
server: WPX CLOUD/NOR01
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1074
Md5:    31f6842626d07c708a5ead53490a1441
Sha1:   fb6723a9bf7eb79d66166dcb7a164a98e83f2258
Sha256: fa73e6573b4b3449c71e73b46d30ff5663e414ef40ca665be74e059bc67d0787
                                        
                                            GET /wp-content/uploads/wpcf7_captcha/2528594551.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 1074
last-modified: Fri, 18 Feb 2022 13:00:20 GMT
etag: "d1e-620f9864-5a63d44f92619af7;br"
content-encoding: br
vary: User-Agent, Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
cache-control: public,max-age=10
server: WPX CLOUD/NOR01
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1074
Md5:    31f6842626d07c708a5ead53490a1441
Sha1:   fb6723a9bf7eb79d66166dcb7a164a98e83f2258
Sha256: fa73e6573b4b3449c71e73b46d30ff5663e414ef40ca665be74e059bc67d0787
                                        
                                            GET /wp-content/cache/autoptimize/js/autoptimize_single_dc74c9954b1944928eca0172c3b8c6b3.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 2817
cache-control: public, max-age=31536000,public, immutable,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Mon, 28 Nov 2022 08:41:22 GMT
etag: "26d1-63847432-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   2817
Md5:    4317b1c024df372435f6482deadddeb3
Sha1:   5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
Sha256: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/autoptimize/js/autoptimize_single_1f9968a7c7a2a02491393fb9d4103dae.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 3706
cache-control: public, max-age=31536000,public, immutable,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Mon, 28 Nov 2022 08:41:22 GMT
etag: "3016-63847432-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   3706
Md5:    dc6411bfa6891b75944f0074c945752d
Sha1:   03c1a8b686c287068c61ab90f58d905496d65085
Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 6800
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 12 Nov 2022 09:36:54 GMT
etag: "53c0-636f6936-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6800
Md5:    3d0ff0f6731d9cef860af9a5a0e3ce62
Sha1:   13aed444304d782039e261475c8b4450b83e743e
Sha256: e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-retina-2x/app/picturefill.min.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 4958
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sun, 27 Nov 2022 01:00:00 GMT
etag: "2e37-6382b690-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11620)
Size:   4958
Md5:    411c530cfa9e62142f61a8f81e615801
Sha1:   d460651ff7bc2e837ddd34b050af0891d8f2f4b9
Sha256: 26d9ebb86902a4e3cbd2a6dc4a030d2054406c804c27fe9ed4296174937973d3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/classic-themes.min.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 144
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 12 Nov 2022 09:36:52 GMT
etag: "d9-636f6934-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   144
Md5:    fcbd239f30d9a6dd1f3637f291143d37
Sha1:   2871bf7d98af3f43e42f7fa32808048e7134fabf
Sha256: c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
                                        
                                            GET /wp-includes/js/hoverIntent.min.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 668
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 12 Nov 2022 09:36:53 GMT
etag: "5db-636f6935-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1464)
Size:   668
Md5:    b57bb5f7f55be8837811df1bbfebd197
Sha1:   a9fd3372526724938daa13cba926cff79395cbae
Sha256: 26512154e931a4b5441386af49e0e6d93a298ec6ae9ce2088d292cba42d61c7c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/autoptimize/js/autoptimize_single_0917c0e91b5f98ba8a8f2bebc21ebd0a.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 3613
cache-control: public, max-age=31536000,public, immutable,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Mon, 28 Nov 2022 08:41:22 GMT
etag: "4c52-63847432-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2347)
Size:   3613
Md5:    c4283f7d04abbf3cbba153b1097aa016
Sha1:   984f94b3387040f3361d42b5c34df03ba47a6025
Sha256: 29fc72bb75a1ee420ddcedcb2ef41123e6eaab910c68b4740771e52bb2c94a61

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2013/08/termitetreat1.jpg HTTP/1.1 
Host: endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 11966
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Thu, 01 Aug 2013 09:59:53 GMT
etag: "2ebe-51fa3199-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=[ File # csp9957736, License # 2842848 ]], baseline, precision 8, 451x301, components 3\012- data
Size:   11966
Md5:    cefc746ce6d53f17b499d89cdd16cfa5
Sha1:   102c1ed8e705b50e8b31c939280eae6b4a094928
Sha256: 20a8b2cccb9878a07caad2ddd50e5a7cb2d535297b4f97d08453f41880235b75
                                        
                                            GET /wp-content/cache/autoptimize/js/autoptimize_single_166f0ad74f09e4e247bee18a95be4ade.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 16606
cache-control: public, max-age=31536000,public, immutable,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Mon, 28 Nov 2022 08:41:22 GMT
etag: "11052-63847432-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size:   16606
Md5:    d0545516c4bc0736903fec26072a2432
Sha1:   9d448613091e2b127219affd74ad974492aa9433
Sha256: 4d343ab5a5dba5a33ab152322b4c9082afdfa857f6e16f8554aad1aa59cca934

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2013/08/termiteinspections2.jpg HTTP/1.1 
Host: endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 25235
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Thu, 01 Aug 2013 09:52:52 GMT
etag: "6293-51fa2ff4-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=[ File # csp9806485, License # 2842822 ]], baseline, precision 8, 451x301, components 3\012- data
Size:   25235
Md5:    7a5ff41b1195b7749ca71b6bf45b5b52
Sha1:   d79ad3b911588b53b1ec267c794a833d085ade6a
Sha256: bcc92ed1a25ccbbfcadaa96c73a586fa7e67545cda4669516b0a6b10476d7e9b
                                        
                                            GET /wp-content/uploads/2013/07/sliderriver.jpg HTTP/1.1 
Host: endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 27308
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Tue, 30 Jul 2013 12:09:12 GMT
etag: "6aac-51f7ace8-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=[ File # csp9806489, License # 2814228 ]], baseline, precision 8, 451x301, components 3\012- data
Size:   27308
Md5:    034d77e60b1138fdf944babb7f318cde
Sha1:   9e4473032630287d9442d1c33642b9cf0c352ee6
Sha256: 263d9b43c266adfb36ccd6c03c3c0776b6f2f4fdbe26af4d1115bf8d5906705b
                                        
                                            GET /wp-content/plugins/squirrly-seo/view/assets/css/frontend.min.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 533
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Thu, 10 Nov 2022 14:59:53 GMT
etag: "619-636d11e9-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1561), with no line terminators
Size:   533
Md5:    2f6dcf2cbf0b83438d8bfd3806b89c05
Sha1:   5428a3527868b82c2f76d3b0795f232551ef5376
Sha256: 083bdd76457000402b1f784b671fe57f0f2b65aa0e8ddd5b34ae1d55089fa096
                                        
                                            GET /wp-content/uploads/pum/pum-site-styles.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 3073
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sun, 27 Nov 2022 01:00:37 GMT
etag: "449c-6382b6b5-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7444), with CRLF, LF line terminators
Size:   3073
Md5:    624e41cb680910de6609b5f851bf1fa2
Sha1:   ad6e7609247d70bd2e19b13d677d467271557bfc
Sha256: 29c3070735d58c5877e45b8ad45e4729864385196127ca8d930ca31ecd71be5e
                                        
                                            GET /wp-content/cache/autoptimize/css/autoptimize_single_e5462eb1094e15f13f6c01dafab314c0.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 750
cache-control: public, max-age=30672000,public, immutable,public
expires: Sun, 19 Nov 2023 20:21:57 GMT
last-modified: Mon, 28 Nov 2022 08:41:22 GMT
etag: "b5e-63847432-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2910), with no line terminators
Size:   750
Md5:    06daa4be33261e4319bad6035354e62c
Sha1:   2b12ee345877a289fe00b98ee1802948ef399f26
Sha256: 9711d540882969a66b848ce0108dd83cd28a101b73fb6f58d970d4f405087270
                                        
                                            GET /wp-content/uploads/maxmegamenu/style.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 5334
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Fri, 11 Nov 2022 03:04:39 GMT
etag: "11bcb-636dbbc7-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1230)
Size:   5334
Md5:    960b82957f2035f56f69f9276d44d364
Sha1:   ea0c5a0d9bb71059c32af8b761f85a7f6461a3c7
Sha256: fe99bebecf3184e019452a015fa23d6ddc301796a08c5f1140f42ab9d3defa6c
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 30324
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 12 Nov 2022 09:36:54 GMT
etag: "15e54-636f6936-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/wpcf7_captcha/2528594551.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 1074
last-modified: Fri, 18 Feb 2022 13:00:20 GMT
etag: "d1e-620f9864-5a63d44f92619af7;br"
content-encoding: br
vary: User-Agent, Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
cache-control: public,max-age=10
server: WPX CLOUD/NOR01
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1074
Md5:    31f6842626d07c708a5ead53490a1441
Sha1:   fb6723a9bf7eb79d66166dcb7a164a98e83f2258
Sha256: fa73e6573b4b3449c71e73b46d30ff5663e414ef40ca665be74e059bc67d0787
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4438
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:21:57 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/wpcf7_captcha/3311935808.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 1074
last-modified: Fri, 18 Feb 2022 13:00:20 GMT
etag: "d1e-620f9864-5a63d44f92619af7;br"
content-encoding: br
vary: User-Agent, Accept-Encoding
wpx: 1,1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
cache-control: public,max-age=10
server: WPX CLOUD/NOR01
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1074
Md5:    31f6842626d07c708a5ead53490a1441
Sha1:   fb6723a9bf7eb79d66166dcb7a164a98e83f2258
Sha256: fa73e6573b4b3449c71e73b46d30ff5663e414ef40ca665be74e059bc67d0787
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4438
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:21:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4438
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:21:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:05:38 GMT
age: 58579
etag: "433061bbb226048765a711deca3026ee3e52372f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9203
Md5:    5d574c4db20a68295dbd06cb08f5990b
Sha1:   433061bbb226048765a711deca3026ee3e52372f
Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 81109
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 62785
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /wp-content/uploads/2017/12/Untitled-1.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 51715
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Fri, 15 Dec 2017 06:49:42 GMT
etag: "ca03-5a337086-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 546 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   51715
Md5:    5cedc8645b0d98e044f9112266ff080d
Sha1:   da5299b50e47c1004e2eb1856bca3f2540cbf782
Sha256: 8523e79a7dd1897bd770739f2c1361b1ab46f9ba9e7ff50b9833b16bf29c87e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 55776
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 62440
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4916
Md5:    83c1fedec73299637cc7dc47c48af758
Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 12:20:15 GMT
age: 28902
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4871
Md5:    a4058fd62595d15c58b3d3266de9865a
Sha1:   d0dff35eb78f129b5da407043037bcf9c27e55c0
Sha256: ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps?f=q&source=s_q&hl=en&geocode=&q=10+Palermo+Rd,+MUDGEE+NSW+2850+&aq=&sll=-32.9127,151.755606&sspn=0.007791,0.016512&g=3%2F28-32+Portside+Crescent,+Maryville+NSW+2239&ie=UTF8&hq=&hnear=10+Palermo+Rd,+Glen+Ayr+New+South+Wales+2850,+Australia&ll=-32.615159,149.577742&spn=0.250158,0.528374&t=m&z=12&iwloc=&output=embed HTTP/1.1 
Host: maps.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.46
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d107541.21800406471!2d149.577742!3d-32.615159!3m2!1i1024!2i768!4f13.1!2m1!1s10+Palermo+Rd,+MUDGEE+NSW+2850!5e0!6i12!3m1!1sen!5m1!1sen
server: mafe
content-length: 397
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   397
Md5:    e705e50478d952c8a3e854aa01e2aa3b
Sha1:   ea9a83f29c38e25bee76bd98d367b50995aa9ac4
Sha256: ab484026a02a638070a7d7a3cbc8870eb3af4634959abe59be7f1fdbf35d192d
                                        
                                            GET /wp-includes/css/dashicons.min.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 35110
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 12 Nov 2022 09:36:52 GMT
etag: "e688-636f6934-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58981)
Size:   35110
Md5:    54c5bfb8a890d87139d9abfe01662c83
Sha1:   f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
Sha256: 9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2017/06/service1.jpg HTTP/1.1 
Host: endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 83266
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Tue, 06 Jun 2017 06:10:39 GMT
etag: "14542-5936475f-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=388, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=580], baseline, precision 8, 580x388, components 3\012- data
Size:   83266
Md5:    2a3077d21aa0f8069741db0beb4b7a61
Sha1:   d5dedfcf8b411421f1fe4f577661e2e2db27b4b2
Sha256: 5cec559a3a6fd17396a29303bd263af9f807a25b2a63c630ddb2cb2bf01418e5
                                        
                                            GET /wp-content/uploads/fusion-scripts/84accb45cd0b601d7e95121bd9f97d2c.min.js HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 82663
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Tue, 29 Nov 2022 11:38:13 GMT
etag: "54ad7-6385ef25-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22474)
Size:   82663
Md5:    39a72140bbabdd7076e9b2ae40c1da49
Sha1:   9518e94749568e6cca8c2d98a05f5e23f90d5ca7
Sha256: d3e7d9dd060e184909e3c62d458fe81524bcba63ff3e71575666da77ea87d9ac

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /maps/embed?origin=mfe&pb=!1m13!1m8!1m3!1d107541.21800406471!2d149.577742!3d-32.615159!3m2!1i1024!2i768!4f13.1!2m1!1s10+Palermo+Rd,+MUDGEE+NSW+2850!5e0!6i12!3m1!1sen!5m1!1sen HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.132
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-U6Tvrcbn7jOmUv1IT_GEzA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 914
x-xss-protection: 0
server-timing: gfet4t7; dur=243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1534)
Size:   914
Md5:    816da8b1ee55093473ecb67a09b6a7d0
Sha1:   60d6b843ecfe53f998edda0cf8b6fef1a496a23c
Sha256: 4e994e3979f033babbe6b6c194964c88e6e2f48dec513f545e32fe155a0b2493
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1 
Host: maps.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.3
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 15:47:31 GMT
expires: Thu, 23 Nov 2023 15:47:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
age: 534867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2669)
Size:   68704
Md5:    c088038bb01fdc7f15f21e2216b6b8b4
Sha1:   fa724c5616022f6825ac476354c492b0bf544d21
Sha256: b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:21:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/font-woff2
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 78212
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Tue, 22 Jun 2021 10:43:15 GMT
etag: "13184-60d1bec3-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 78212, version 331.-31261\012- data
Size:   78212
Md5:    8c4f474a3aaa695346196b1f33fab616
Sha1:   abc1ae262d760e104a5a5cb68614ac119fd0db18
Sha256: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:58 GMT
content-length: 11616
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:58 GMT
last-modified: Wed, 16 Nov 2022 07:21:49 GMT
etag: "172a9-63748f8d-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
                                        
                                            GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.endapest.com.au
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 22:37:35 GMT
expires: Sun, 26 Nov 2023 22:37:35 GMT
cache-control: public, max-age=31536000
age: 251063
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size:   45300
Md5:    5fe660c3a23b871807b0e1d3ee973d23
Sha1:   62a9dd423b30b6ee3ab3dd40d573545d579af10a
Sha256: e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
                                        
                                            GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.endapest.com.au
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:38 GMT
expires: Wed, 29 Nov 2023 15:42:38 GMT
cache-control: public, max-age=31536000
age: 16760
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Size:   47048
Md5:    87a1556b696ae2cb1a726bd8c4584a2f
Sha1:   1be0f6f39e0cf316f9827f945eeeaef8294cc37b
Sha256: 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
                                        
                                            GET /s/anticslab/v16/bWt97fPFfRzkCa9Jlp6IacVcXA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.endapest.com.au
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:31:32 GMT
expires: Fri, 24 Nov 2023 12:31:32 GMT
cache-control: public, max-age=31536000
age: 460226
last-modified: Tue, 19 Apr 2022 18:27:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12136, version 1.0\012- data
Size:   12136
Md5:    cae549261ca235f6a254f6eed560ba20
Sha1:   ee867ac8b467c51d0455ab3438e04fbee79c2d87
Sha256: 3c478d59cd9c14ded18169933a9703a61220b737631fa08035f626f45867c134
                                        
                                            GET /wp-content/uploads/fusion-styles/18623e125bcdbb7c242706de471ca02d.min.css HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Tue, 29 Nov 2022 19:53:25 GMT
etag: "11aefa-63866335-0;br"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57275)
Size:   156671
Md5:    b0f3af32c0225193d92796e95bf18e04
Sha1:   2c3775304c1e0b1043fa0cb3f169064b3bc0c617
Sha256: 658ee80fa1ad7f6d382f37f2eb7cb90daaa034fc68caabe05c5fe44959e01996
                                        
                                            GET /wp-content/uploads/2017/12/page_title_bg.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/wp-content/uploads/fusion-styles/18623e125bcdbb7c242706de471ca02d.min.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 29 Nov 2022 20:21:58 GMT
content-length: 350
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:58 GMT
last-modified: Fri, 15 Dec 2017 06:49:43 GMT
etag: "15e-5a337087-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   350
Md5:    08e4c6e182484eae4f862eb8cd7964e8
Sha1:   34c2d7484495fec015215cbc6fa6114e67cd4c9d
Sha256: 415355437f81b37dda7c4ab673eda884072e96661a9719cf0b483241eadc132e
                                        
                                            GET /wp-json/contact-form-7/v1/contact-forms/1884/feedback/schema HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:58 GMT
x-powered-by: PHP/7.4.33
x-robots-tag: noindex
link: <https://www.endapest.com.au/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Accept-Encoding,Origin
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 20:21:58 GMT
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: same-origin
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
content-encoding: gzip
server: WPX CLOUD/NOR01
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3804), with no line terminators
Size:   926
Md5:    de09037c9c0e7f2727e4c1ea7bbe706f
Sha1:   d06b16b50b50d2b0cbfb2c6075f52202f3c6f8b7
Sha256: 50525d7685ee2d1a6bc617893f4bf873c40ded2876e2289d528d4b636d12a67a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.endapest.com.au/wp-content/uploads/fusion-styles/18623e125bcdbb7c242706de471ca02d.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/font-woff
                                        
date: Tue, 29 Nov 2022 20:21:58 GMT
content-length: 18364
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:58 GMT
last-modified: Tue, 22 Jun 2021 10:43:15 GMT
etag: "47bc-60d1bec3-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-origin: *
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18364, version 1.0\012- data
Size:   18364
Md5:    8e959e0380c51ce13f3d3b2e0ce199b9
Sha1:   5b18dafaefe7cd611793564883243751d5776642
Sha256: 76eee1df4f77092b36dd5bb653611a145fa09f8e0ae8b0d13d7bf0deb9dd3b52

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:33:54 GMT
expires: Thu, 23 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 521285
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:33:56 GMT
expires: Thu, 23 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 521283
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.239.38.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 18:46:55 GMT
expires: Tue, 29 Nov 2022 20:46:55 GMT
cache-control: public, max-age=7200
age: 5704
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /wp-content/uploads/2018/08/favicon-1.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 29 Nov 2022 20:21:59 GMT
content-length: 8509
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:59 GMT
last-modified: Wed, 19 Sep 2018 08:47:38 GMT
etag: "213d-5ba20d2a-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 63 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size:   8509
Md5:    3e95ae6a0bc8bce416d24001ebe2a6f8
Sha1:   b8bfbf7727580745465a395bf7c63cb96277d4a6
Sha256: d8c2c7ec189ff527c05f1c62019dbcaecd10ef996178e95acb64d00679dddf76
                                        
                                            GET /wp-content/uploads/2020/10/canstockphoto10190134.jpg HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 611556
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 10 Oct 2020 12:31:40 GMT
etag: "954e4-5f81a9ac-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2], baseline, precision 8, 1600x1067, components 3\012- data
Size:   611556
Md5:    a30a3c654d76c2ac7463d6b363bd9801
Sha1:   9decfc9a628170cd8b901f6b8ce3fe37076d9592
Sha256: c620c47889d813dbf1896460dd0c53edf060ba34daf206fa59bb3b1666f904dc
                                        
                                            GET /wp-content/uploads/2020/10/canstockphoto46523934.jpg HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 680869
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 24 Oct 2020 02:54:28 GMT
etag: "a63a5-5f939764-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2], baseline, precision 8, 1600x1071, components 3\012- data
Size:   680869
Md5:    71fd97250f3f18680d5982b393b88be5
Sha1:   f389e8bfafccf76acafdf51fef0b2e7b3971d6e8
Sha256: 9eb0498ead5f85763e4e90ddfc4760541b99696600c3ff3b00a1079e0e1726cb
                                        
                                            GET /wp-content/uploads/2020/10/image.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 751212
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Sat, 17 Oct 2020 12:08:50 GMT
etag: "b766c-5f8aded2-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1024 x 615, 8-bit/color RGBA, non-interlaced\012- data
Size:   751212
Md5:    fc0860dfaac0d79e31a26a8f1b0842fc
Sha1:   3ddf560bdea88290d03d956b8edd8bc24df258d4
Sha256: eea77afc710ff21711d34ac8c6a1c8a15e461b688d513327c89279dfec71f792
                                        
                                            GET /wp-content/uploads/2020/10/commercial_image.png HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 29 Nov 2022 20:21:57 GMT
content-length: 2649239
cache-control: public, max-age=31536000,public
expires: Wed, 29 Nov 2023 20:21:57 GMT
last-modified: Mon, 19 Oct 2020 07:59:57 GMT
etag: "286c97-5f8d477d-0;;;"
vary: Accept-Encoding,Origin
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
pragma: public
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1600 x 1067, 8-bit/color RGBA, non-interlaced\012- data
Size:   2649239
Md5:    9db99d0f7ad3b996893f0916f74f98ed
Sha1:   a1a6a42dcaeb6e7c350e01ec94461a193458154e
Sha256: 5cdd5ffd14fd3822bbd4df555f8bfed66b39792c3ac9dbd7e05b4adb3740e4d3
                                        
                                            GET /mudgee/ HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:56 GMT
x-powered-by: PHP/7.4.33
last-modified: Tue, 29 Nov 2022 20:21:56 GMT
expires: Tue, 29 Nov 2022 21:21:56 GMT
pragma: public
cache-control: max-age=3600, public
etag: "a7c944a1c17932e7dbf3dd3e31130667"
vary: Accept-Encoding,Origin
content-encoding: gzip
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-json/contact-form-7/v1/contact-forms/1339/feedback/schema HTTP/1.1 
Host: www.endapest.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.endapest.com.au/mudgee/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         194.1.147.73
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 20:21:58 GMT
x-powered-by: PHP/7.4.33
x-robots-tag: noindex
link: <https://www.endapest.com.au/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Accept-Encoding,Origin
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 20:21:58 GMT
wpx: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: same-origin
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
content-encoding: gzip
server: WPX CLOUD/NOR01
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Montserrat:100 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 20:21:57 GMT
date: Tue, 29 Nov 2022 20:21:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---