r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10757
Expires: Mon, 06 Feb 2023 06:18:41 GMT
Date: Mon, 06 Feb 2023 03:19:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Mon, 06 Feb 2023 07:12:02 GMT
Date: Mon, 06 Feb 2023 03:19:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2231
Expires: Mon, 06 Feb 2023 03:56:35 GMT
Date: Mon, 06 Feb 2023 03:19:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 02:34:01 GMT
content-type: application/json
age: 2723
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SSjBEB6bvbPvDP9oWoJBmch5uyO+9kOty1aM56/2DdtKTdJJRs2IHLLi2Ue+5NYuyFXqlDn0EzY=
x-amz-request-id: GNP1TGG4R38DH9BY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 02:53:32 GMT
age: 1552
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
robishawpainting.com/wp-admin/snog/mo/parcel/reminder/dhl/
301 Moved Permanently 162 B URL HTTP/1.1 robishawpainting.com/wp-admin/snog/mo/parcel/reminder/dhl/
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/snog/mo/parcel/reminder/dhl/ HTTP/1.1
Host: robishawpainting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 03:19:24 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://robishawpainting.com/wp-admin/snog/mo/parcel/reminder/dhl/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4FG4m%2BAKA7hBQxCTiqUAf8d2R6S9ylVJBUNhJjfuwls6o4jmZkxdxNIV%2F%2BnmYHE9axoY8hsqbAhWr9omi4Mf8DODlpbxkxkGxmYYQQaqfyNDmDnDCAW0NSqlLi4FirOyb50MR7S"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7950be764e67b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 03:19:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 6b2cd248378184daca4ff012c4b89065
6ca6c9bcad4610c3d8cb14df75a3927f3b2802a5
d3f8870393b5e93430316e5a9be78eaa2230115cc8883182d94e7a3b8d81ef40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6
Cache-Control: max-age=161622
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:24 GMT
Etag: "63e0460c-117"
Expires: Wed, 08 Feb 2023 00:13:06 GMT
Last-Modified: Mon, 06 Feb 2023 00:13:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 02:51:18 GMT
age: 1686
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Mon, 06 Feb 2023 04:35:47 GMT
Date: Mon, 06 Feb 2023 03:19:24 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8ZaZi46Lql5bYdpFfSE3HQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +AUTLaFSz4BKhuDpAg8iowwkhEM=
robishawpainting.com/wp-admin/snog/mo/parcel/reminder/dhl/
301 Moved Permanently 0 B URL HTTP/2 robishawpainting.com/wp-admin/snog/mo/parcel/reminder/dhl/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/snog/mo/parcel/reminder/dhl/ HTTP/1.1
Host: robishawpainting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://robishawpainting.com/remodeling-services/
x-powered-by: WP Engine
set-cookie: apbct_timestamp=1675653564; path=/; secure; SameSite=Lax
apbct_site_landing_ts=1675653564; path=/; secure; HttpOnly; SameSite=Lax
apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax
apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%252293ede43aaeada328f3947fbc5f502457%2522%257D; path=/; secure; HttpOnly; SameSite=Lax
apbct_urls=%7B%22robishawpainting.com%2Fwp-admin%2Fsnog%2Fmo%2Fparcel%2Freminder%2Fdhl%2F%22%3A%5B1675653564%5D%7D; expires=Thu, 09-Feb-2023 03:19:24 GMT; Max-Age=259200; path=/; domain=robishawpainting.com; secure; HttpOnly; SameSite=Lax
apbct_site_referer=UNKNOWN; expires=Thu, 09-Feb-2023 03:19:24 GMT; Max-Age=259200; path=/; domain=robishawpainting.com; secure; HttpOnly; SameSite=Lax
ct_sfw_pass_key=1f368441fc07e6817aaf46151e1eb81f0; expires=Wed, 08-Mar-2023 03:19:24 GMT; Max-Age=2592000; path=/; secure; SameSite=Lax
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://robishawpainting.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-tag: 8e8_HTTP.404,8e8_HTTP.301
x-cacheable: NO:Passed
cache-control: max-age=0, must-revalidate, private
x-cache: MISS
x-pass-why: wp-admin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnY2I4NxLx1TYmt69NamSgPkeDNqHrgt4%2BkoBKcZkcrqFR1hlhFP7jt9%2BzhizhdsOeZIZyGo4ftyHhM77rCz%2BIolDKBJpeF9QQflVx5DkT6iTmek56tztUp%2FipnlfQ1eF3PKZ0M6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7950be787bf80b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 6b2cd248378184daca4ff012c4b89065
6ca6c9bcad4610c3d8cb14df75a3927f3b2802a5
d3f8870393b5e93430316e5a9be78eaa2230115cc8883182d94e7a3b8d81ef40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 8
Cache-Control: max-age=161622
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Etag: "63e0460c-117"
Expires: Wed, 08 Feb 2023 00:13:08 GMT
Last-Modified: Mon, 06 Feb 2023 00:13:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5306
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 03:19:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5306
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 03:19:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5306
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 03:19:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 19763
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNp3KhwtaSjchn-VAo1VellQ63I1W9uIbkQ_84Y7z_4z--vGfz8PGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:53:56 GMT
age: 19530
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f267c5cee67458c0f6ef42c4feb5217e
f5092ce77834e8f1f245b987204ff6a194c38ef6
84c5cde3d7e06e6dd32d1c98172606c8d912c7032a4677f8851e42e4b195e420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9451
x-amzn-requestid: 3f95347b-f0bf-43dd-90fc-5087bf0de607
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okJGUCoAMF0sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214d-53d6a2de41af72770b086196;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H_s21wzDvh5_yMsyrtmGLDQ6DI3TgkQ1tGP-OWQlygLQzziVMORH4g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:54:04 GMT
age: 19522
etag: "f5092ce77834e8f1f245b987204ff6a194c38ef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27b516a4bb5fa5512a31aa8de5f9706e
03aeba4fafc64130967d3645081426f81b5f7dd1
7e5d809bf4e1b6f7f25bf604c1e5efcaf2a442ebfb53397d65820ebb1eaf754a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: 4cae7b8e-f650-4d61-9f3d-8cce7410ba1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pOKFamIAMF4gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0225a-51cd8f5b2d810ad94f52a5e3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:40:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WhhBAtYjlLj3PcIM5a-OwGIDFLeHYNF5Tg99rpTFMa326gTFJ56zBA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:21 GMT
age: 19685
etag: "03aeba4fafc64130967d3645081426f81b5f7dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 19757
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 18:39:44 GMT
age: 31182
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 34a7f951271466232ee9cbe436260985
34de7a3ea64bfd39417ec6039628a09689fe2783
03942edfa00c788f7640653fd1399b5142675bb1e7aa6f4607bfa46c4de1df95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Last-Modified: Mon, 06 Feb 2023 02:17:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6463
Cache-Control: max-age=154403
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Etag: "63e010a2-117"
Expires: Tue, 07 Feb 2023 22:12:49 GMT
Last-Modified: Sun, 05 Feb 2023 20:25:06 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 471 B IP
Hash 34a7f951271466232ee9cbe436260985
34de7a3ea64bfd39417ec6039628a09689fe2783
03942edfa00c788f7640653fd1399b5142675bb1e7aa6f4607bfa46c4de1df95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Last-Modified: Mon, 06 Feb 2023 02:17:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 34a7f951271466232ee9cbe436260985
34de7a3ea64bfd39417ec6039628a09689fe2783
03942edfa00c788f7640653fd1399b5142675bb1e7aa6f4607bfa46c4de1df95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Last-Modified: Mon, 06 Feb 2023 02:17:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6463
Cache-Control: max-age=154403
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Etag: "63e010a2-117"
Expires: Tue, 07 Feb 2023 22:12:49 GMT
Last-Modified: Sun, 05 Feb 2023 20:25:06 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
hb.wpmucdn.com/robishawpainting.com/52ceff49-df7f-4a97-b715-eec6e7afad37.js
200 OK 432 kB URL HTTP/2 hb.wpmucdn.com/robishawpainting.com/52ceff49-df7f-4a97-b715-eec6e7afad37.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (45108), with CRLF, LF line terminators
Size 432 kB (431660 bytes)
Hash b245f2c0730791750ff7f8100cb47e7a
19038f93bc8b9fdd25eb077514fa0cd927977e0a
60a2dab492f6244769a7faa8c351bb7ce27a95acca3ede46fd8db6997ed23551
GET /robishawpainting.com/52ceff49-df7f-4a97-b715-eec6e7afad37.js HTTP/1.1
Host: hb.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1101156
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"d8eae754bc5dd8b21f7176c41f2b694c"
last-modified: Thu, 26 Jan 2023 04:23:44 GMT
cdn-cachedat: 02/06/2023 03:19:21
x-amz-server-side-encryption: AES256
x-amz-meta-hb-minify: minify=0.0%, origSize=128668
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1297ac48d8edf90130b16341586b3077
cdn-cache: HIT
X-Firefox-Spdy: h2
robishawpainting.com/remodeling-services/
200 OK 42 kB URL HTTP/2 robishawpainting.com/remodeling-services/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (26346)
Hash 00c0507e0d51d6d652285be281dd4592
b347bf98087d89bba5adf16527009bae8563dc7c
f6245a5f776b2a4f90d76d34404f117dbdeef0dd3f2bbbbad5474512780acd46
Analyzer Verdict Alert fortinet Phishing
GET /remodeling-services/ HTTP/1.1
Host: robishawpainting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: apbct_timestamp=1675653564; apbct_site_landing_ts=1675653564; apbct_page_hits=1; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%252293ede43aaeada328f3947fbc5f502457%2522%257D; apbct_urls=%7B%22robishawpainting.com%2Fwp-admin%2Fsnog%2Fmo%2Fparcel%2Freminder%2Fdhl%2F%22%3A%5B1675653564%5D%7D; apbct_site_referer=UNKNOWN; ct_sfw_pass_key=1f368441fc07e6817aaf46151e1eb81f0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
set-cookie: apbct_timestamp=1675653561; path=/; secure; SameSite=Lax
apbct_site_landing_ts=1675653561; path=/; secure; HttpOnly; SameSite=Lax
apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax
apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b69197e7be245618c862a75fa8f1c9eb%2522%257D; path=/; secure; HttpOnly; SameSite=Lax
apbct_urls=%7B%22robishawpainting.com%2Fremodeling-services%2F%22%3A%5B1675653561%5D%7D; expires=Thu, 09-Feb-2023 03:19:21 GMT; Max-Age=259200; path=/; domain=robishawpainting.com; secure; HttpOnly; SameSite=Lax
apbct_site_referer=UNKNOWN; expires=Thu, 09-Feb-2023 03:19:21 GMT; Max-Age=259200; path=/; domain=robishawpainting.com; secure; HttpOnly; SameSite=Lax
ct_sfw_pass_key=1f368441fc07e6817aaf46151e1eb81f0; expires=Wed, 08-Mar-2023 03:19:21 GMT; Max-Age=2592000; path=/; secure; SameSite=Lax
x-litespeed-tag: 8e8_HTTP.200
link: <https://robishawpainting.com/wp-json/>; rel="https://api.w.org/", <https://robishawpainting.com/wp-json/wp/v2/pages/691>; rel="alternate"; type="application/json", <https://robishawpainting.com/?p=691>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwtsCLmoFYbn4wrCODeCwyTy%2Fm4uE3led1kNq4zh1HoTGePr0J%2Ff%2FYgLQMWkGLqOAElbj0veojkHRBl8l%2B9PPVb8YTAJs12qi95K2IixzIiQBrJb1gZN2wPfTHNB6Hf74CEzugfk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7950be846f550b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hb.wpmucdn.com/robishawpainting.com/bcd7c8cc-03ca-4682-95c6-2d40da048777.js
200 OK 54 kB URL HTTP/2 hb.wpmucdn.com/robishawpainting.com/bcd7c8cc-03ca-4682-95c6-2d40da048777.js
IP
ASN #34989 ServeTheWorld AS
File type HTML document, ASCII text, with very long lines (8352), with CRLF, LF line terminators
Hash 0c0aef837013c967d500eaa32f85c062
e17ec9d4df9b7caa9199d811402ac3afd99be6f4
fe3154e4e3be6fcab0cf62d44c48e4609dfbad47bccb249c566da5b890ccf2af
GET /robishawpainting.com/bcd7c8cc-03ca-4682-95c6-2d40da048777.js HTTP/1.1
Host: hb.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1101156
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"787af7c2a9e66e1e4cfa347924345f75"
last-modified: Sun, 29 Jan 2023 15:20:46 GMT
cdn-cachedat: 02/06/2023 03:19:21
x-amz-server-side-encryption: AES256
x-amz-meta-hb-minify: minify=47.1%, origSize=3349
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5c6c1b5b06dc4b9cb53e86c84967e0a6
cdn-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 3874fdaf7a9f3d03b47144069d1c531d
39e61b4103a61d8a98c82e320a8a2e72d59998e7
c7d9959c0932a314011977b42774811a568fd4fd4e1e1765cfa98a90baeb2adc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:26 GMT
Server: ECS (amb/6BA5)
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1g.woff
200 OK 66 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1g.woff
IP
File type Web Open Font Format, TrueType, length 65760, version 1.1\012- data
Hash 3bb9ab2862ae072e657fb2fb2b6a3279
37ada8de241d44c2dda5d779778d606f93ddfb3e
9ec8c55ca9a20762804eddbda1f3bb327d2d19245d89a7ee6f2076421c60c6c1
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1g.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 65760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:07:18 GMT
expires: Sat, 03 Feb 2024 02:07:18 GMT
cache-control: public, max-age=31536000
age: 263529
last-modified: Wed, 27 Apr 2022 16:10:12 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19lFQ.woff2
200 OK 58 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19lFQ.woff2
IP
Hash 0e6b904da3cb790085284c923ecc24dd
2feb16fe3bc93e9b158edf6f1504b0fd839a0b4a
04626851e07918307fc7ff5d8012dcb5c5036cd2571031e01c8640870865a38e
GET /s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19lFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 56648
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:40:45 GMT
expires: Fri, 02 Feb 2024 00:40:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:12:39 GMT
content-type: font/woff2
age: 355122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7V14.woff2
200 OK 49 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7V14.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 49104, version 1.0\012- data
Hash 0debef05807771edda9c8d32f7d42384
c6234a3ada4a34cddac37cb5d8dabe1e57f1146c
4f73127335c22d96e1ee451f7b8ab5d5d6b9ba742735bb647e406e1945659bb6
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7V14.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:05:21 GMT
expires: Sat, 03 Feb 2024 10:05:21 GMT
cache-control: public, max-age=31536000
age: 234846
last-modified: Wed, 27 Apr 2022 16:11:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrFJU.woff2
200 OK 50 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrFJU.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 49652, version 1.0\012- data
Hash 46ff920efe7721f9087376e8131619e8
5f86acfc17011505072d796e70ed9ea7c428aadc
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2
GET /s/poppins/v20/pxiEyp8kv8JHgFVrFJU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:40:44 GMT
expires: Fri, 02 Feb 2024 00:40:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:58 GMT
content-type: font/woff2
age: 355123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hb.wpmucdn.com/robishawpainting.com/054f1375-09bf-4009-b7a9-e24126e3f6a8.css
200 OK 69 kB URL HTTP/2 hb.wpmucdn.com/robishawpainting.com/054f1375-09bf-4009-b7a9-e24126e3f6a8.css
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (22455), with CRLF, LF line terminators
Hash 6c8fcfb1be94403e706c6b1936c1383b
2a13a639dae37a6337903811ca1d72d28d4e308c
771599203ab6aa90ccaecb432bbbb80f6bc1bcd0c696c9b2960a474181b62e47
GET /robishawpainting.com/054f1375-09bf-4009-b7a9-e24126e3f6a8.css HTTP/1.1
Host: hb.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1101156
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"0be8ece3058acb5249f0c492768fbdff"
last-modified: Sun, 29 Jan 2023 15:20:42 GMT
cdn-cachedat: 02/06/2023 03:19:21
x-amz-server-side-encryption: AES256
x-amz-meta-hb-minify: minify=0.0%, origSize=2991
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b840b184f4740a45c2c5fb5931dc9d36
cdn-cache: HIT
X-Firefox-Spdy: h2
hb.wpmucdn.com/robishawpainting.com/87c18b19-afca-4263-a9d2-c6da7459fa2c.css
200 OK 61 kB URL HTTP/2 hb.wpmucdn.com/robishawpainting.com/87c18b19-afca-4263-a9d2-c6da7459fa2c.css
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (50129), with CRLF line terminators
Hash 7d82aae6e32221efe1b9dbfb464fd93e
497494474ae689aaece52e22f469fe6ef9195cd6
9b99e9f3215b2ffc68dc67cee388316f5ca261c2da87acdf534196710c5e8aae
GET /robishawpainting.com/87c18b19-afca-4263-a9d2-c6da7459fa2c.css HTTP/1.1
Host: hb.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1101156
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"5dfbff59dcfc4e304ec9a07232537dec"
last-modified: Thu, 26 Jan 2023 04:23:42 GMT
cdn-cachedat: 02/06/2023 03:19:21
x-amz-server-side-encryption: AES256
x-amz-meta-hb-minify: minify=15.0%, origSize=58974
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 67564ef6d0c93d150c6c612c7b802483
cdn-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2
200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 39956, version 1.0\012- data
Hash afc099b271ff9df5bdda33beea60a772
9c56903effc03eb5b91b7552961a168a6d3db5f8
e58b260ced203e2ffce7aa502b51ebadb6ffee21b6d5cf72fc4c43b0e835d1bf
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 21:46:48 GMT
expires: Tue, 30 Jan 2024 21:46:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:44 GMT
content-type: font/woff2
age: 538359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 40236, version 1.0\012- data
Hash 5c283c768487bbacab2a3e33e3e39e3c
e4233b9d0137355f9522d7c5bf99d9c688617c6b
356e58889a7cf422acc2c715a26996890c929b9b3b8a0e124a9cf4a795734732
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 05:21:06 GMT
expires: Fri, 02 Feb 2024 05:21:06 GMT
cache-control: public, max-age=31536000
age: 338301
last-modified: Mon, 11 Jul 2022 19:01:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.0/js/all.min.js
200 OK 49 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.0/js/all.min.js
IP
Hash 3a0a14dc7381ee5200cadbe0af4ee7de
e319fbaf1ec7364ed15abab70480a3f5a88b537f
72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83
GET /ajax/libs/font-awesome/6.1.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 500921
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623106fb-7a4b9"
last-modified: Tue, 15 Mar 2022 21:36:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13872869
expires: Sat, 27 Jan 2024 03:19:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrhqNIKX5tCPNUIguFSS8AOMgWL%2B0UkgmRqHSctn7wAD23dhr91ngnqDi3wrArf99HRJ%2Fq4peGZT167Y%2F2dnBhPf8a6IUq5XbGGTi7OH6jBKEbKxKshq100e1V4a96%2FEkkhYJIJW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7950be875e530b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.siteminds.net/m/1.8/mind_loader.php?pid=Q5aB4zx3B2&band_type=br&opt_type=0
200 OK 5.5 kB URL HTTP/1.1 www.siteminds.net/m/1.8/mind_loader.php?pid=Q5aB4zx3B2&band_type=br&opt_type=0
IP
Hash ab9a9d745670b7ab2e0a3eea456ff7a1
93438f6f82a0ea82040ab6be92af34cd1af59e9c
9f3667d890439242c4561cb85686d07181e7c5e46b44865e02be8891b4b17d45
GET /m/1.8/mind_loader.php?pid=Q5aB4zx3B2&band_type=br&opt_type=0 HTTP/1.1
Host: www.siteminds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:19:27 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips
Content-Length: 5529
Keep-Alive: timeout=5, max=120
Connection: Keep-Alive
Content-Type: application/x-javascript
www.siteminds.net/m/1.8/mind_rs_prd.php
200 OK 25 kB URL HTTP/1.1 www.siteminds.net/m/1.8/mind_rs_prd.php
IP
Hash 9f9f4f3d2b189502fb887d7f6fcccc48
b1d74e89f5fca9304944b84ad60cf87d16d95193
48c3233f67a3994c59fe38a321b93269ce06af208808abe4b12a8cada0436d51
GET /m/1.8/mind_rs_prd.php HTTP/1.1
Host: www.siteminds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:19:27 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips
Keep-Alive: timeout=5, max=119
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript
www.siteminds.net/m/1.8/bottom_right/mind_local.css
200 OK 2.5 kB URL HTTP/1.1 www.siteminds.net/m/1.8/bottom_right/mind_local.css
IP
Hash 93b4e3c828114f594808c260319f82e1
dd6abcae15320459a14f1092d60b61fc3bc02dab
54e958eb7ebd1de2a12d695a038eadc62e8e72b03376b1101ea98e9dfb7e4ee0
GET /m/1.8/bottom_right/mind_local.css HTTP/1.1
Host: www.siteminds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:19:27 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips
Last-Modified: Thu, 02 May 2019 20:00:29 GMT
ETag: "11007c-9d5-587ed15f61140"
Accept-Ranges: bytes
Content-Length: 2517
Keep-Alive: timeout=5, max=118
Connection: Keep-Alive
Content-Type: text/css
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4912a3f8c887edec8c4175e31a704d67
8ecdd8ea83ba390262bbe4f9ce752e44ebc94cb9
4e82c61b6ced7d1b6759ee33366bef4799dcb5bd21024911545a9441d47fc469
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 03:19:27 GMT
Last-Modified: Mon, 06 Feb 2023 02:51:12 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n-gsv8xTLOZhCwlr5Ku7qbisnZPaZG1JqG6kN893A23qh6EPbFgjDQ==
Age: 1695
www.siteminds.net/m/1.8/mind_jsn_chk_av.php?band_type=br&pid=Q5aB4zx3B2&dr=undefined&pm=false&dw=NaN&dh=NaN&avname=undefined&avnum=undefined&ap=undefined&left_side=undefined&forcemob=undefined&opt_type=0&callback=0
200 OK 420 B URL HTTP/1.1 www.siteminds.net/m/1.8/mind_jsn_chk_av.php?band_type=br&pid=Q5aB4zx3B2&dr=undefined&pm=false&dw=NaN&dh=NaN&avname=undefined&avnum=undefined&ap=undefined&left_side=undefined&forcemob=undefined&opt_type=0&callback=0
IP
File type ASCII text, with very long lines (420), with no line terminators
Hash 0245852c9c3787c9f696d5ac5f30a2c3
3b1d0fc34a785c71a8d72d75d38e1da3ed2f8cf0
a205e0960e9e942e1f10011c5ca5fd56be1557e74ea85ea8245d2b75ad3020c7
GET /m/1.8/mind_jsn_chk_av.php?band_type=br&pid=Q5aB4zx3B2&dr=undefined&pm=false&dw=NaN&dh=NaN&avname=undefined&avnum=undefined&ap=undefined&left_side=undefined&forcemob=undefined&opt_type=0&callback=0 HTTP/1.1
Host: www.siteminds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:19:27 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips
Access-Control-Allow-Origin: *
Last-Modified: Mon, 06 Feb 2023 03:19:27 GMT
Expires: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: private, max-age=30, no-transform
Alternate-Protocol: 443:quic
Vary: *
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 420
Keep-Alive: timeout=5, max=117
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
api.userway.org/api/tunings/E8voaT4ZKw
200 OK 845 B URL HTTP/2 api.userway.org/api/tunings/E8voaT4ZKw
IP
File type JSON data\012- , ASCII text, with very long lines (845), with no line terminators
Hash 82796c398557a2125a9e328550e57a56
66acd73ff90b4a6ffe9c7cba0f845c3799d5e0a7
b4a12e4f16c71f25fb08388c0d2285cd522b524d8a119e02576547b3aedd68a0
POST /api/tunings/E8voaT4ZKw HTTP/1.1
Host: api.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1447
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:27 GMT
content-type: application/json; charset=utf-8
content-length: 845
x-service-version: uw-pr
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-headers: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
x-service-request-id: usrf57fade8a68a4fd
etag: W/"34d-ZqzXP/kLSm/+nHy6D4RcN5nV4Kc"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.siteminds.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 06:03:15 GMT
expires: Fri, 02 Feb 2024 06:03:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 335772
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Source+Sans+Pro
200 OK 15 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro
IP
Hash 27cc9f9177742e559da662c79d982238
5b1cb7b1d34e7a455d57c283fe560988ed10d428
2ba977f7979232c777d563b85e2401d4b5a4dd495a2a4993d318247cec04ae9e
GET /css?family=Source+Sans+Pro HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.siteminds.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 03:19:27 GMT
date: Mon, 06 Feb 2023 03:19:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
files.hellonetcdn.com/st/js/gocast_combined_g16.css?s=2
200 OK 7.0 kB URL HTTP/2 files.hellonetcdn.com/st/js/gocast_combined_g16.css?s=2
IP
Hash 0a08ee1f5c14387dcfe0fec0e8d280ce
9c45f7bcf8916c65f4ed4c4e8f65aa4ab0ac37db
1f6c01271d8508c5f4cb37813a49f7f1a92d75dee095631b2d1a4730f7f98575
GET /st/js/gocast_combined_g16.css?s=2 HTTP/1.1
Host: files.hellonetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.siteminds.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 464673
cache-control: max-age=604800
content-type: text/css
date: Mon, 06 Feb 2023 03:19:28 GMT
etag: "54283038"
expires: Mon, 13 Feb 2023 03:19:28 GMT
last-modified: Wed, 30 Jul 2014 18:38:35 GMT
server: ECS (ska/F709)
vary: Accept-Encoding
x-cache: HIT
content-length: 6989
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.siteminds.net/m/1.8/br.php?&band_type=br&pid=Q5aB4zx3B2&ismobile=false&dr=undefined&opt_type=0
200 OK 86 kB URL HTTP/1.1 www.siteminds.net/m/1.8/br.php?&band_type=br&pid=Q5aB4zx3B2&ismobile=false&dr=undefined&opt_type=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1107)
Hash 5976576f4c7f802c2bb0bb02dae9ebd9
582ef6eb0ce508996bdf72c0f26939372034a422
94f1e1072c87cc9db386b6e61ffd79fed5da8410235c025bb5bc0bf1a8dd73e7
GET /m/1.8/br.php?&band_type=br&pid=Q5aB4zx3B2&ismobile=false&dr=undefined&opt_type=0 HTTP/1.1
Host: www.siteminds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:19:27 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips
Keep-Alive: timeout=5, max=116
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
securepubads.g.doubleclick.net/tag/js/gpt.js
200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP
File type ASCII text, with very long lines (39302)
Hash 7a948f2ef1cd6fe8d0b0191dda6d3c2f
4a20adcc9af4f774d7af798d0ac1c768d05d76d6
a966287584c5d304d5e94b697fdf9d45f814664eab893f68a0d270149de3d0d5
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27284
date: Mon, 06 Feb 2023 03:19:28 GMT
expires: Mon, 06 Feb 2023 03:19:28 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1474 / 183 of 1000 / last-modified: 1675465842"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/2023-02-03/locales/en-US.json
200 OK 218 B URL HTTP/2 cdn.userway.org/widgetapp/2023-02-03/locales/en-US.json
IP
ASN #60068 Datacamp Limited
File type JSON data\012- , ASCII text, with very long lines (433), with no line terminators
Hash e0dd40222d5dd642ea1d737eba1ddd9e
d472a375c74b0894094d07cd084647b6d0c07f09
15c343a26743a34755b3f5caf054249bad9534505c0482eb1111819a096adb4f
GET /widgetapp/2023-02-03/locales/en-US.json HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:27 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 03 Feb 2023 23:45:42 GMT
etag: W/"0c4b53012957584c54e80867ff489590"
cache-control: max-age=25920000, public
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k37lqBxiGmfpcxWFVuq6BuiBpgOG7RJhiDsmQz4Ll-WwinJpBnOELg==
age: 281
x-accel-expires: @1701388918
server: CDN77-Turbo
x-77-nzt: AblMCQ2vtv7/SdECAA
x-77-nzt-ray: c0a4cc28030727f5bf71e063fd4c5d35
x-cache: HIT
x-age: 184649
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.siteminds.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 15:38:44 GMT
expires: Tue, 30 Jan 2024 15:38:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
age: 560444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.siteminds.net/m/1.8/img/info-64t.png
200 OK 1.6 kB URL HTTP/1.1 www.siteminds.net/m/1.8/img/info-64t.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 2066774c90c8e69302047df77d6de984
78b272efe2da115aeabb1155bb7edcfcb0cbe1e0
7cf92b6809d9ccc99fea214f77eff1d8a08d550e8500ff0af30a79c6a05c40dd
GET /m/1.8/img/info-64t.png HTTP/1.1
Host: www.siteminds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.siteminds.net/m/1.8/br.php?&band_type=br&pid=Q5aB4zx3B2&ismobile=false&dr=undefined&opt_type=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:19:28 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips
Last-Modified: Thu, 02 May 2019 20:00:30 GMT
ETag: "110081-63c-587ed16055380"
Accept-Ranges: bytes
Content-Length: 1596
Keep-Alive: timeout=5, max=115
Connection: Keep-Alive
Content-Type: image/png
www.siteminds.net/m/1.8/nx_proxy.php?action_request=a71&pid=Q5aB4zx3B2&_=1675653611031
200 OK 328 B URL HTTP/1.1 www.siteminds.net/m/1.8/nx_proxy.php?action_request=a71&pid=Q5aB4zx3B2&_=1675653611031
IP
File type ASCII text, with very long lines (327)
Hash 28b7b70e5e8f3025a9c8249503ae8a96
72c1a52e05e5725c17fc2f7dc03c9d70404694a2
0dabfbc4252cd3b713d46124f1173ad58afb80f2d05f6cb0c5562155950c55ba
GET /m/1.8/nx_proxy.php?action_request=a71&pid=Q5aB4zx3B2&_=1675653611031 HTTP/1.1
Host: www.siteminds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.siteminds.net/m/1.8/br.php?&band_type=br&pid=Q5aB4zx3B2&ismobile=false&dr=undefined&opt_type=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:19:28 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips
Content-Length: 328
Keep-Alive: timeout=5, max=114
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 103 kB IP
Size 103 kB (102550 bytes)
Hash 054aeb5c31a4d659535500e37ada52ce
626019c492cf0f7b982560f9bc6ab1417b2b9e38
9dc0c7c675249c5d15cf849fed8e2afd1f113e183057876d8662265817a1f466
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.userway.org/widgetapp/images/body_wh.svg
200 OK 606 B URL HTTP/2 cdn.userway.org/widgetapp/images/body_wh.svg
IP
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1038), with no line terminators
Hash 57df39f580e064c552dc7f6de7f91b00
b7f915aba7a624d638706efd6c0c1852704ae1bc
cb88b67cf66ee5477a26f43b1d4175e773e71c9c7f7ec61595064ff1236f52c3
GET /widgetapp/images/body_wh.svg HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
cache-control: max-age=25920000, public
via: 1.1 acf2dd107c5d6d9bebe3457b4f66431e.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: H63vQnKv-vxXtqjau29OuDfvuK3Hm4C_brayiLqFNlhc5_reAyFlXw==
age: 54
x-accel-expires: @1699529294
server: CDN77-Turbo
x-77-nzt: AblMCQ0LZib/cjEfAA
x-77-nzt-ray: c0a4cc28030727f5c071e0639646de19
x-cache: HIT
x-age: 2044274
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/images/spin_wh.svg
200 OK 667 B URL HTTP/2 cdn.userway.org/widgetapp/images/spin_wh.svg
IP
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash ef16c2a58df7cf73d417eac6617bdda9
bd4516384e93fb9069cd76bd361d5783843e3e40
3b72046399598163967959d5e00420afc8ca0a70a5f3e10ccae6ee695325b238
GET /widgetapp/images/spin_wh.svg HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
cache-control: max-age=25920000, public
vary: Accept-Encoding
via: 1.1 65300528c6bb92d6f3753956257cb94e.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: qEmd4YY0_H0K5-nYuAwD0ivav68EljmduqRTRXHFbnvIvTi8YwqtAw==
age: 53
x-accel-expires: @1699529293
server: CDN77-Turbo
x-77-nzt: AblMCQ0PQ4z/czEfAA
x-77-nzt-ray: c0a4cc28030727f5c071e0637708e719
x-cache: HIT
x-age: 2044275
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
acd668a340b0e0a083b1629020f179db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
200 OK 2.7 kB URL HTTP/2 acd668a340b0e0a083b1629020f179db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: acd668a340b0e0a083b1629020f179db.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Mon, 06 Feb 2023 03:19:28 GMT
expires: Tue, 06 Feb 2024 03:19:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14790), with no line terminators
Hash 2e685c33c9a837aeebdf31ae489e4140
6940db97afe6df807d67f1590c5b39174dee75b3
22753220a6f2e6f8c0c7d7b8a5c7117aac8d555f699a2505d63233cd3e71fa50
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://robishawpainting.com
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 06 Feb 2023 03:19:28 GMT
server: cafe
content-length: 11165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 711bfa565919548ccadd9e9e1ac41792
4ff0e50ab07d187f3e71e30924990461c77f8f04
92d179de98d6fd14807963bae6dae8852197f9fd7e498c3abd98143ff209ca28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 654bb4afbee97a7f7f52d4241fd50349
12867dd41b8f393490f2dc22bcbdf7b275d505be
288956f7512ad18e8f6cf0d0692c301a265f5058b40a0a4e95bcc9773c138c7b
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 06 Feb 2023 03:19:29 GMT
date: Mon, 06 Feb 2023 03:19:29 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-xUbvBC6ZfvLr6Ea3mOd4og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 19770
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hb.wpmucdn.com/robishawpainting.com/69343d31-9226-4739-ba97-9cf76047aecd.js
200 OK 0 B URL HTTP/2 hb.wpmucdn.com/robishawpainting.com/69343d31-9226-4739-ba97-9cf76047aecd.js
IP
ASN #34989 ServeTheWorld AS
GET /robishawpainting.com/69343d31-9226-4739-ba97-9cf76047aecd.js HTTP/1.1
Host: hb.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1101156
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"ae88629d2ad0324344ab903eb05a2832"
last-modified: Sun, 29 Jan 2023 15:20:43 GMT
cdn-cachedat: 02/06/2023 03:19:21
x-amz-server-side-encryption: AES256
x-amz-meta-hb-minify: minify=0.0%, origSize=43245
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 839afab88531a86727c38d30c26e61a4
cdn-cache: HIT
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/2023-02-03/widget_app_base_1675467753789.js
200 OK 0 B URL HTTP/2 cdn.userway.org/widgetapp/2023-02-03/widget_app_base_1675467753789.js
IP
ASN #60068 Datacamp Limited
GET /widgetapp/2023-02-03/widget_app_base_1675467753789.js HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:27 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 03 Feb 2023 23:45:42 GMT
etag: W/"d5404079026900f5c1e497379b26176f"
cache-control: max-age=25920000, public
vary: Accept-Encoding
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u3ILzOGzsRekJNFy1pZZ0BgNgYMyn2RxGr3PywaoJvM8cwnFGq-wLw==
age: 353
x-accel-expires: @1701388973
server: CDN77-Turbo
x-77-nzt: AblMCQ2dH0T/EtECAA
x-77-nzt-ray: c0a4cc28030727f5bf71e0632b25c406
x-cache: HIT
x-age: 184594
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
hb.wpmucdn.com/robishawpainting.com/ddd5b079-7362-45ef-a1ec-a0560efab4df.js
200 OK 0 B URL HTTP/2 hb.wpmucdn.com/robishawpainting.com/ddd5b079-7362-45ef-a1ec-a0560efab4df.js
IP
ASN #34989 ServeTheWorld AS
GET /robishawpainting.com/ddd5b079-7362-45ef-a1ec-a0560efab4df.js HTTP/1.1
Host: hb.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1101156
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"9da7fcf5d030e0d568df6a2c5fa713f7"
last-modified: Thu, 02 Feb 2023 15:01:29 GMT
cdn-cachedat: 02/06/2023 03:19:22
x-amz-server-side-encryption: AES256
x-amz-meta-hb-minify: minify=0.0%, origSize=53149
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3d0b7889107280bf2fef007e47e51452
cdn-cache: HIT
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
200 OK 0 B URL HTTP/2 www.clickcease.com/monitor/stat.js
IP
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Mon, 06 Feb 2023 03:19:22 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gG8ihgQ1EwfuRjZzxhhcQoES1w6ln_7VAp3hGRhoNdJNAwLloXsgmA==
age: 8
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
hb.wpmucdn.com/robishawpainting.com/8b6fb543-8168-4c93-8549-10e6d2dddee5.js
200 OK 0 B URL HTTP/2 hb.wpmucdn.com/robishawpainting.com/8b6fb543-8168-4c93-8549-10e6d2dddee5.js
IP
ASN #34989 ServeTheWorld AS
GET /robishawpainting.com/8b6fb543-8168-4c93-8549-10e6d2dddee5.js HTTP/1.1
Host: hb.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robishawpainting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:19:26 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1101156
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"eeca36bc5efdcb2fb67026f5a4a90a1b"
last-modified: Thu, 26 Jan 2023 04:23:39 GMT
cdn-cachedat: 02/06/2023 03:19:21
x-amz-server-side-encryption: AES256
x-amz-meta-hb-minify: minify=0.0%, origSize=89684
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bbd23d6a3c6c81f52788dae6e735a81b
cdn-cache: HIT
X-Firefox-Spdy: h2
188.114.97.1
35.241.9.150
185.76.9.18
194.242.11.186
104.17.24.14
93.184.220.29