oh42fifty.org/2020/01/24/top-8-films-of-the-80s
301 Moved Permanently 162 B URL HTTP/1.1 oh42fifty.org/2020/01/24/top-8-films-of-the-80s
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /2020/01/24/top-8-films-of-the-80s HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 21:46:19 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s
X-ac: 3.arn _atomic_ams BYPASS
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: he0Uu1Q5waO70tCiGadBZzKpkgpacEU-2uHtv7JMLjilRp6dzxZdWQ==
Age: 107941
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2495
Expires: Thu, 06 Oct 2022 22:27:54 GMT
Date: Thu, 06 Oct 2022 21:46:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9834
Expires: Fri, 07 Oct 2022 00:30:14 GMT
Date: Thu, 06 Oct 2022 21:46:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dLbeNqcFst21ydFyeAJyB2eHS/8bs7+v4FO0HNm5IA6fvGSNGahA5MXjeFUiWw8kKRBWHIX/xOI=
x-amz-request-id: YJPF35N9VHF41VQV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 20:58:53 GMT
age: 2847
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 21:01:58 GMT
Expires: Thu, 06 Oct 2022 21:07:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vDcQ0JPYpCV3zsXgxR1ZmRMx3PXYxrDqW0Cuyj66jBwPlRZZ0m1XSQ==
Age: 2662
ocsp.digicert.com/
200 OK 471 B IP
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6413
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:20 GMT
Last-Modified: Thu, 06 Oct 2022 19:59:27 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QXuT7Iv/avAapfvT9XgpEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1A4XUktgEBsPQJDfprGRpFI6kIU=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-images.mailchimp.com/embedcode/classic-10_7.css
200 OK 1.3 kB URL HTTP/1.1 cdn-images.mailchimp.com/embedcode/classic-10_7.css
IP
File type ASCII text, with very long lines (398)
Hash 5e4b40134a8471fe4b1110bf58764e9c
ce96c14babd9c2139a4529fca412d597a63cc2d7
6552a745b136325bc30da26ec6f0aa75e5bc24daa431cfc7eb7b526d57dee82e
GET /embedcode/classic-10_7.css HTTP/1.1
Host: cdn-images.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Dec 2015 16:52:30 GMT
x-amz-version-id: null
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 06 Oct 2022 01:46:59 GMT
ETag: W/"ae0fc9b84c30cada1784022044962394"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uJs-oNNIj6PbVM3z2uV_sXZ_QNueQQxOj3krzKIGLZ0RGQYkpYueJQ==
Age: 71963
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
200 OK 14 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
IP
File type ASCII text, with very long lines (43771)
Hash b3db38d8c3b0e7275d26b55666e92c54
83ab0ef892208b83102e21ea9b16601ce438f021
e41731b4b596f557cf90d08a5a610ee270eba103188d82098acfed477dd9d754
GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Fri, 06 Oct 2023 21:46:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 5.8 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP
File type ASCII text, with very long lines (11126)
Hash c767561b64e603f91b406db4d0b8d1a5
95fc16117735613daaa2f9a4fb94859823960d8d
a9065f75de45fab830ecb514e71490dd6ed73cd6d3b42c57cab33e115a8f954b
GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Fri, 06 Oct 2023 21:46:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 4af6ef5fbb74ce766be4387c1d682d5d
59eec581ff529d4e24614e01316bca6bbcc481d3
e140e0c319d895721ced144d1261cf61959bb6fd86e59865b1db24433afc2415
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:46:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6FEE1BA6D01C6E008B7B8890052AD02DEA61ACC2"
Expires: Fri, 07 Oct 2022 08:00:00 GMT
Last-Modified: Thu, 06 Oct 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2656
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756196ddff20b521-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oh42fifty.org/wp-content/uploads/2019/10/42Fifty_Oct_Bannerfix-1024x291.png
200 OK 47 kB URL HTTP/2 oh42fifty.org/wp-content/uploads/2019/10/42Fifty_Oct_Bannerfix-1024x291.png
IP
File type PNG image data, 1024 x 291, 8-bit/color RGBA, non-interlaced\012- data
Hash 141cff316d4bda54be994c387fdade66
df8d6ab51b674a2f32addb3dfd0f44eb722ce908
cd3fc89ba9c64f2cba8e1b0208071ac9e058e9207b8aeb740a9ceefa3f0a6392
GET /wp-content/uploads/2019/10/42Fifty_Oct_Bannerfix-1024x291.png HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: image/png
content-length: 46879
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Oct 2019 16:26:32 GMT
etag: "5d9f5bb8-b71f"
accept-ranges: bytes
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.13
200 OK 1.6 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.13
IP
File type ASCII text, with very long lines (3746)
Hash 9c9bcc7d7b298a59baf5f923b8f13ab6
7302da7557aaee879d6fe4f45ae3355006d0bd5a
6e005991f80e9c2b9171adffdd935598c3b9b405aaf4fc4b6cef908c6e207487
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.13 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Sep 2022 03:22:03 GMT
vary: Accept-Encoding
etag: W/"63326c5b-ea3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 27120, version 1.0\012- data
Hash 43e7d3f1dec74478587a2b3cfa272631
c065f24ac428353854ebd6715c49966fc4f4c762
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oh42fifty.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:22:44 GMT
expires: Wed, 04 Oct 2023 17:22:44 GMT
cache-control: public, max-age=31536000
age: 188617
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oh42fifty.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:59:14 GMT
expires: Tue, 03 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 269228
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/jetpack/modules/wpgroho.js?ver=11.5-a.1
200 OK 1.3 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/jetpack/modules/wpgroho.js?ver=11.5-a.1
IP
Hash 53835f2b4447749c50d1deb8d1030ab1
47d1c3d1f52c1e5485c6817242413bc9983feb3b
db12fec5e0b910880440f8a49e5e1c7e61b32a20891904488db9eafa035d6729
GET /wp-content/plugins/jetpack/modules/wpgroho.js?ver=11.5-a.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 28 Jul 2020 17:06:48 GMT
vary: Accept-Encoding
etag: W/"5f205b28-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type gzip compressed data, max compression\012- data
Hash baa587b3377f3ff7c343050b15d7924e
6584a37717b01652e72e35cd5bd4815f6e14c15b
3bc13a6c54b4cf589dfc823d4caa1b146945ca7e5ebc2303906b938d48f357aa
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oh42fifty.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 57811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6352
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:46:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6352
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:46:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6352
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:46:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6352
Expires: Thu, 06 Oct 2022 23:32:14 GMT
Date: Thu, 06 Oct 2022 21:46:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a1a279f8386262762dcf70621e06ed5
0e1d6cefe5ffe1994f26322962df8b0a13743339
a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 86015
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/molongui-authorship/assets/css/author-box.cf86.min.css?ver=4.6.12
200 OK 17 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/molongui-authorship/assets/css/author-box.cf86.min.css?ver=4.6.12
IP
File type ASCII text, with very long lines (57341), with no line terminators
Hash f911bdc5aa53f384ccba30f5304b7e71
e250cbd7df769895a72342e150d1213e6d7706cd
37af7c301ff2132904973b90583dbac6c80fb556164e26bfd02180946c0f3103
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/molongui-authorship/assets/css/author-box.cf86.min.css?ver=4.6.12 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:26:08 GMT
vary: Accept-Encoding
etag: W/"631b7730-dffd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:37:08 GMT
age: 554
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure.gravatar.com/js/gprofiles.js?ver=202240
200 OK 18 kB URL HTTP/2 secure.gravatar.com/js/gprofiles.js?ver=202240
IP
File type ASCII text, with very long lines (24043), with no line terminators
Hash 4486b95695ef355aeb1846bb2f48125b
32ab0c2a5566be18dd3602413c479fd111c3b0bd
e4dfb5c2e46f1f1c2609f7254756e70de94de99a8c8ba1c174eec2faa44b5bce
GET /js/gprofiles.js?ver=202240 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Thu, 13 Oct 2022 21:46:21 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.13
200 OK 5.1 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.13
IP
Hash 053acaf26dbf34905725d72a6c5c6a16
f3afe169f76533a47155c22eb9c17b908d5f6d1b
c9b4821cb3c07228fc7ea9a981c60233bdc30a7e67e0762c7cbc0f91da2d7a82
GET /wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.13 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Sep 2022 03:22:03 GMT
vary: Accept-Encoding
etag: W/"63326c5b-1a3e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 85646
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/uploads/2022/09/website-background-tile-lovely-subtle-light-tile-pattern-vol5-graphic-web-backgrounds-fbv-spm-e1664491910188.jpg
200 OK 49 kB URL HTTP/2 oh42fifty.org/wp-content/uploads/2022/09/website-background-tile-lovely-subtle-light-tile-pattern-vol5-graphic-web-backgrounds-fbv-spm-e1664491910188.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 628x331, components 3\012- data
Hash 53d4258baf0bf56e508ef76d8bd289b2
e5c8d6871255b8958455132a63f4c66d0a0c660d
8528b064cc6908ce9536689aeb7fd2f8564724b5c65b2188d1e38f42d745a1e4
GET /wp-content/uploads/2022/09/website-background-tile-lovely-subtle-light-tile-pattern-vol5-graphic-web-backgrounds-fbv-spm-e1664491910188.jpg HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: image/jpeg
content-length: 49173
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 22:51:50 GMT
etag: "63362186-c015"
expires: Thu, 13 Oct 2022 21:46:22 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.5-a.1&blog=126022543&post=7126&tz=-5&srv=oh42fifty.org&hp=atomic&ac=2&=0&host=oh42fifty.org&ref=&fcp=2625&rand=0.18758351380333982
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.5-a.1&blog=126022543&post=7126&tz=-5&srv=oh42fifty.org&hp=atomic&ac=2&=0&host=oh42fifty.org&ref=&fcp=2625&rand=0.18758351380333982
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.5-a.1&blog=126022543&post=7126&tz=-5&srv=oh42fifty.org&hp=atomic&ac=2&=0&host=oh42fifty.org&ref=&fcp=2625&rand=0.18758351380333982 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/themes/Newsmag/images/icons/newsmag.woff?16
200 OK 24 kB URL HTTP/2 oh42fifty.org/wp-content/themes/Newsmag/images/icons/newsmag.woff?16
IP
File type Web Open Font Format, TrueType, length 23816, version 0.0\012- data
Hash 2c645a0b66cc091ea551375f2ba3b058
6b5f29da9636bccc7122ad5704b215fbdef79c03
e3619033670d012da540e2154524e4d1a05420a5064767239f5cd8911f75c9aa
GET /wp-content/themes/Newsmag/images/icons/newsmag.woff?16 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://oh42fifty.org/wp-content/themes/Newsmag/style.css?ver=5.2.1
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: application/font-woff
content-length: 23816
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:36 GMT
etag: "631b7404-5d08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJx9i0EOwjAMwD5ElqGiTRwQT0FdG6BrG0aSiu9v2oET4mZZNn4WCC82YsPaYCntkVixpEyK70aNnp5jIelmPeDv2MeaGCYvWL0ayUZg4kPWf1NOWsnAdT3eEoevuMsex+291stxGE5uHM+9m1elpz5a
200 OK 8.4 kB URL HTTP/2 s0.wp.com/_static/??-eJx9i0EOwjAMwD5ElqGiTRwQT0FdG6BrG0aSiu9v2oET4mZZNn4WCC82YsPaYCntkVixpEyK70aNnp5jIelmPeDv2MeaGCYvWL0ayUZg4kPWf1NOWsnAdT3eEoevuMsex+291stxGE5uHM+9m1elpz5a
IP
Hash bae8132858e057eb2f9b3fa7c913f41e
9c424f9adf8f6156b6f3f1f6fcbdbd9efbd35c93
811da8387cf1a68698245606f5e7b0b8e6a586131906fba6614ad11275941123
GET /_static/??-eJx9i0EOwjAMwD5ElqGiTRwQT0FdG6BrG0aSiu9v2oET4mZZNn4WCC82YsPaYCntkVixpEyK70aNnp5jIelmPeDv2MeaGCYvWL0ayUZg4kPWf1NOWsnAdT3eEoevuMsex+291stxGE5uHM+9m1elpz5a HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 28 Sep 2022 15:11:57 GMT
etag: W/"6334643d-785e"
content-encoding: br
expires: Thu, 28 Sep 2023 15:12:00 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
200 OK 12 kB URL HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP
File type Unicode text, UTF-8 text, with very long lines (3416)
Hash 6b5a87bcd42807564a1c5db0f1a16a13
e481f7db96d3639626b955cf3eba53b5305b4dd1
f79b261bb81728b695327670f7b97c1cf70a183704be1941228d9d5b95351884
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1-alpha-53451
200 OK 5.3 kB URL HTTP/2 s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1-alpha-53451
IP
File type ASCII text, with very long lines (15660)
Hash 88b6b08ca6f109a59d75b5094c0ba0c2
43042175a498200ad74ad7f6e70fb7504df7f41e
501ce8ef637056675c8c07039b66a08d644e6834d529d67dcb8f7fba6e1ab1f2
GET /wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1-alpha-53451 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"627a5af9-48b9"
content-encoding: br
expires: Fri, 06 Oct 2023 07:48:32 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
i0.wp.com/wp_user_avatar
400 Bad Request 49 B IP
File type ASCII text, with no line terminators
Hash 4ff4ebed4d93633e71d991de649b394b
662c5b644f8044040644cbfed791208aba42ef1d
23663030c710b18965a228d681f516e809797feea911243ea706cadba06a0306
GET /wp_user_avatar HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 06 Oct 2022 21:46:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-nc: HIT arn 7
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
200 OK 6.2 kB URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
IP
File type ASCII text, with very long lines (2702)
Hash 5ceee1e118ba621552e0ceac3ff6339b
c3752095f8b8b8091e633c54aaf4887a7d0dc14b
7e3d5563d7a40c3c59df5d871e989d2ae35fc60565cac4210e32dbd749898379
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"63242ce6-45a9"
content-encoding: br
expires: Sat, 16 Sep 2023 07:59:40 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2020/01/image.jpeg-14.jpg?w=960&ssl=1
200 OK 613 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2020/01/image.jpeg-14.jpg?w=960&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 613 kB (613286 bytes)
Hash 64965b4cb90fdbc1b7db11a8ad821fb7
5e3e8e7da52efe11d431d7167331e64ed9e0eebb
1e24b7daa1009533a174606a8c6a4ebf2a5666352c713adbce996ffa76127a5f
GET /oh42fifty.org/wp-content/uploads/2020/01/image.jpeg-14.jpg?w=960&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: image/webp
content-length: 613286
last-modified: Thu, 06 Oct 2022 21:46:22 GMT
expires: Sun, 06 Oct 2024 09:46:22 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2020/01/image.jpeg-14.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4826c31843aa74d7"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
200 OK 58 kB URL HTTP/2 s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
IP
Hash f1ae8f2f31dc11536ad4cc4edec00b22
a4ab79b2a1cb0c824537e01d070572e104e4c0fa
3697615447f398e65ba99d6b4fa3d58743a9d7a431514cf0355e406ca261864d
GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 21:55:38 GMT
etag: W/"619d635a-4b6b"
content-encoding: br
expires: Wed, 23 Nov 2022 21:55:44 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221003/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:39:19 GMT
expires: Thu, 20 Oct 2022 05:39:19 GMT
cache-control: public, max-age=1209600
age: 58023
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png?resize=100%2C75&ssl=1
200 OK 5.2 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png?resize=100%2C75&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash ef3c35bbccab189b05b77df02f825840
506ad332edc8485700f6e6cf468008df6bdeeb0a
a9fab587f63151e4369596f8cebc15aa22a7b3aa23217ff6a751612cf513e20d
GET /oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:23 GMT
content-type: image/webp
content-length: 5236
last-modified: Thu, 06 Oct 2022 21:46:23 GMT
expires: Sun, 06 Oct 2024 09:46:23 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png>; rel="canonical"
x-content-type-options: nosniff
etag: "170d334b26147572"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=oh42fifty.org
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=oh42fifty.org
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=oh42fifty.org HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:46:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=oh42fifty.org
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=oh42fifty.org
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=oh42fifty.org HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:46:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png?resize=100%2C75&ssl=1
200 OK 14 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png?resize=100%2C75&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fae04eb3d354192f06fef6b5aa79bf60
fba5bb4766a7b52f336273a9a84caae0394accc6
c4f9f6a19da5f1d179b70e4582b753ffa29fe333690332dcf7f7ecc3bf9f767f
GET /oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:23 GMT
content-type: image/webp
content-length: 13868
last-modified: Thu, 06 Oct 2022 21:46:23 GMT
expires: Sun, 06 Oct 2024 09:46:23 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "ce5444941dcbfd18"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/IMG_1484-rotated.jpg?resize=100%2C75&ssl=1
200 OK 2.3 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/IMG_1484-rotated.jpg?resize=100%2C75&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x75, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cde9742a2a83282fb82b61cdcc913953
376e624dd349c1305cf940bf6f4c7b5e7224df23
005a2a2a4965770448f4f52b190c00182397c04f94e4f72e8eb01b033fd650e7
GET /oh42fifty.org/wp-content/uploads/2022/09/IMG_1484-rotated.jpg?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:24 GMT
content-type: image/webp
content-length: 2272
last-modified: Thu, 06 Oct 2022 21:46:23 GMT
expires: Sun, 06 Oct 2024 09:46:23 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/IMG_1484-rotated.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8abb0b89cb5d38b5"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=oh42fifty.org&callback=_gfp_s_&client=ca-pub-9153099261159525
200 OK 202 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=oh42fifty.org&callback=_gfp_s_&client=ca-pub-9153099261159525
IP
File type ASCII text, with no line terminators
Hash e75cab09e017aac96f33451228e4715d
70974a738485140b3facecaf463e6b62cd468a71
9d8a702df6ebfaeeb2e7b174afec2e0c9b6a47ebfd7b1c3dd53ec0c3bd36b918
GET /gampad/cookie.js?domain=oh42fifty.org&callback=_gfp_s_&client=ca-pub-9153099261159525 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:46:24 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg?resize=100%2C75&ssl=1
200 OK 1.8 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg?resize=100%2C75&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x75, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73b347b3c6b63d34945fc31108471658
b120d6c5f4aa4b69fff8e46fedfb35803fb4f942
29a76d0104cf54794a69b756e493cc596f87189a409e07569c9e190438c25fc0
GET /oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:24 GMT
content-type: image/webp
content-length: 1800
last-modified: Thu, 06 Oct 2022 21:46:24 GMT
expires: Sun, 06 Oct 2024 09:46:24 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "095cc50630b16af7"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 36b2ebb263a694be6b81a02818e3d9e4
b73b329f15a2fc2ab0d6ea468695b3f79c27be94
e76b12ed5b195fddd74ac3f63fd2f985e22fea47c025eec8b0260b5560f9c515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 06 Oct 2022 21:46:24 GMT
expires: Thu, 06 Oct 2022 21:46:24 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 20:36:17 GMT
expires: Thu, 05 Oct 2023 20:36:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 90607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:46:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash b6a8e3691b1e299106dfba5f04c674eb
ee8ed6e0460076e98db0e226783b175fc1e02e36
5a68520155ac1ff007c1e65dc77265e7c4b1d3032c96d5eed206c00e7574b3d7
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 06 Oct 2022 21:46:24 GMT
date: Thu, 06 Oct 2022 21:46:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-BN40v2tGMhL7_3WfETp8rQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=oh42fifty.org&url_path=%2F2020%2F01%2F24%2Ftop-8-films-of-the-80s%2F&nt_fetchStart=1057&nt_domainLookupStart=1057&nt_domainLookupEnd=1057&nt_connectStart=1057&nt_connectEnd=1057&nt_secureConnectionStart=1056&nt_requestStart=1059&nt_responseStart=1885&nt_responseEnd=1902&nt_domLoading=1894&nt_domInteractive=2685&nt_domContentLoadedEventStart=2694&nt_domContentLoadedEventEnd=2794&nt_domComplete=3173&nt_loadEventStart=3173&nt_loadEventEnd=3197&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2625&resource_size=2198694&resource_transferred=521229&js_size=615402&js_transferred=177931&resource_cache_percent=10&js_cache_percent=0&last_resource_end=5740
204 No Content 0 B URL HTTP/2 pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=oh42fifty.org&url_path=%2F2020%2F01%2F24%2Ftop-8-films-of-the-80s%2F&nt_fetchStart=1057&nt_domainLookupStart=1057&nt_domainLookupEnd=1057&nt_connectStart=1057&nt_connectEnd=1057&nt_secureConnectionStart=1056&nt_requestStart=1059&nt_responseStart=1885&nt_responseEnd=1902&nt_domLoading=1894&nt_domInteractive=2685&nt_domContentLoadedEventStart=2694&nt_domContentLoadedEventEnd=2794&nt_domComplete=3173&nt_loadEventStart=3173&nt_loadEventEnd=3197&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2625&resource_size=2198694&resource_transferred=521229&js_size=615402&js_transferred=177931&resource_cache_percent=10&js_cache_percent=0&last_resource_end=5740
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=oh42fifty.org&url_path=%2F2020%2F01%2F24%2Ftop-8-films-of-the-80s%2F&nt_fetchStart=1057&nt_domainLookupStart=1057&nt_domainLookupEnd=1057&nt_connectStart=1057&nt_connectEnd=1057&nt_secureConnectionStart=1056&nt_requestStart=1059&nt_responseStart=1885&nt_responseEnd=1902&nt_domLoading=1894&nt_domInteractive=2685&nt_domContentLoadedEventStart=2694&nt_domContentLoadedEventEnd=2794&nt_domComplete=3173&nt_loadEventStart=3173&nt_loadEventEnd=3197&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2625&resource_size=2198694&resource_transferred=521229&js_size=615402&js_transferred=177931&resource_cache_percent=10&js_cache_percent=0&last_resource_end=5740 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 21:46:27 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: f3cb33c4-26b6-4fd8-9293-dfb42be34600
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZiEZ4IAMFvLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-424459547db8b3d721d75e54;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: q70sezhl0h-lASzUDh5_WQ6KraRa3fWYl_tO0iuE0CpbJ5GeiihgMw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:36:30 GMT
age: 598
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.2
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-3a75"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/hovercard.min.css?ver=202240
200 OK 0 B URL HTTP/2 secure.gravatar.com/dist/css/hovercard.min.css?ver=202240
IP
GET /dist/css/hovercard.min.css?ver=202240 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Thu, 13 Oct 2022 21:46:22 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/services.min.css?ver=202240z
200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/services.min.css?ver=202240z
IP
GET /dist/css/services.min.css?ver=202240z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Thu, 13 Oct 2022 21:46:22 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
oh42fifty.org/2020/01/24/top-8-films-of-the-80s
301 Moved Permanently 0 B URL HTTP/2 oh42fifty.org/2020/01/24/top-8-films-of-the-80s
IP
Analyzer Verdict Alert fortinet Phishing
GET /2020/01/24/top-8-films-of-the-80s HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 21:46:20 GMT
content-type: text/html; charset=UTF-8
location: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
strict-transport-security: max-age=31536000
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Cookie
set-cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220; expires=Thu, 06-Oct-2022 22:16:20 GMT; Max-Age=1800; path=/
x-pingback: https://oh42fifty.org/xmlrpc.php
x-redirect-by: WordPress
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/wtpsw-public.css?ver=1.5.5
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/wtpsw-public.css?ver=1.5.5
IP
GET /wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/wtpsw-public.css?ver=1.5.5 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 20:10:34 GMT
vary: Accept-Encoding
etag: W/"6335fbba-2861"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
stats.wp.com/e-202240.js
200 OK 0 B IP
GET /e-202240.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 25 Sep 2023 06:12:14 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.2.0
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.2.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-3601"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/services.min.css?ver=202240
200 OK 0 B URL HTTP/2 secure.gravatar.com/dist/css/services.min.css?ver=202240
IP
GET /dist/css/services.min.css?ver=202240 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Thu, 13 Oct 2022 21:46:22 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=9051206d0908def74825384f6e829588
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=9051206d0908def74825384f6e829588
IP
GET /wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=9051206d0908def74825384f6e829588 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:56 GMT
vary: Accept-Encoding
etag: W/"631b7418-92837"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/themes/Newsmag/style.css?ver=5.2.1
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/themes/Newsmag/style.css?ver=5.2.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Newsmag/style.css?ver=5.2.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:36 GMT
vary: Accept-Encoding
etag: W/"631b7404-25662"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
s0.wp.com/wp-content/js/bilmur.min.js?m=202240
200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/js/bilmur.min.js?m=202240
IP
GET /wp-content/js/bilmur.min.js?m=202240 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b68a-16da"
content-encoding: br
expires: Tue, 03 Oct 2023 00:00:01 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5.2.1
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5.2.1
IP
GET /wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5.2.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:56 GMT
vary: Accept-Encoding
etag: W/"631b7418-104a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/advanced-post-slider/advps-style.css?ver=6.0.2
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/advanced-post-slider/advps-style.css?ver=6.0.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/advanced-post-slider/advps-style.css?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 23 Jul 2022 03:23:13 GMT
vary: Accept-Encoding
etag: W/"62db69a1-19a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/slick.css?ver=1.5.5
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/slick.css?ver=1.5.5
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/slick.css?ver=1.5.5 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 20:10:34 GMT
vary: Accept-Encoding
etag: W/"6335fbba-627"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5-a.1
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5-a.1
IP
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5-a.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Sep 2022 17:43:06 GMT
vary: Accept-Encoding
etag: W/"632c9eaa-14ef8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 15:54:45 GMT
vary: Accept-Encoding
etag: W/"633da8c5-30cd"
expires: Thu, 13 Oct 2022 21:46:21 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 15:54:45 GMT
vary: Accept-Encoding
etag: W/"633da8c5-33c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding
etag: W/"62551487-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 06 Oct 2023 21:46:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
jetpack.wordpress.com/jetpack-comment/?blogid=126022543&postid=7126&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=wp_user_avatar&greeting=Leave+a+Reply&jetpack_comments_nonce=ff51c58223&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5-a.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e54109f02c4afb7dd04d1b3a7e3bdbe0931c8c6b
200 OK 0 B URL HTTP/2 jetpack.wordpress.com/jetpack-comment/?blogid=126022543&postid=7126&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=wp_user_avatar&greeting=Leave+a+Reply&jetpack_comments_nonce=ff51c58223&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5-a.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e54109f02c4afb7dd04d1b3a7e3bdbe0931c8c6b
IP
GET /jetpack-comment/?blogid=126022543&postid=7126&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=wp_user_avatar&greeting=Leave+a+Reply&jetpack_comments_nonce=ff51c58223&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5-a.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=e54109f02c4afb7dd04d1b3a7e3bdbe0931c8c6b HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 4.arn _dca BYPASS
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
IP
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Thu, 10 Nov 2022 15:10:52 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Dec 2021 16:56:48 GMT
vary: Accept-Encoding
etag: W/"61af9250-2ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/js/wtpsw-public.js?ver=1.5.5
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/js/wtpsw-public.js?ver=1.5.5
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-trending-post-slider-and-widget/assets/js/wtpsw-public.js?ver=1.5.5 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 20:10:34 GMT
vary: Accept-Encoding
etag: W/"6335fbba-1fbf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.2.0
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.2.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-494e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.2.0
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.2.0
IP
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-114c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.13
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.13
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.13 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Sep 2022 03:22:03 GMT
vary: Accept-Encoding
etag: W/"63326c5b-5d2d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.2.1
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.2.1
IP
GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.2.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 21:46:21 GMT
date: Thu, 06 Oct 2022 21:46:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/advanced-post-slider/bxslider/jquery.bxslider.min.js?ver=6.0.2
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/advanced-post-slider/bxslider/jquery.bxslider.min.js?ver=6.0.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/advanced-post-slider/bxslider/jquery.bxslider.min.js?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 23 Jul 2022 03:23:13 GMT
vary: Accept-Encoding
etag: W/"62db69a1-4b9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.2.0
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.2.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-c5ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/hovercard.min.css?ver=202240z
200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202240z
IP
GET /dist/css/hovercard.min.css?ver=202240z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:22 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Thu, 13 Oct 2022 21:46:22 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/post-content-shortcodes/styles/default-styles.css?ver=1.0
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/post-content-shortcodes/styles/default-styles.css?ver=1.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-content-shortcodes/styles/default-styles.css?ver=1.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2019 15:47:27 GMT
vary: Accept-Encoding
etag: W/"5c910f0f-53d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
IP
GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Fri, 06 Oct 2023 21:46:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.2.0
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.2.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-18549"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.2.1
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.2.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.2.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:56 GMT
vary: Accept-Encoding
etag: W/"631b7418-3ef2c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
IP
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Wed, 28 Sep 2022 15:27:16 GMT
vary: Accept-Encoding
etag: W/"633467d4-29ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/advanced-post-slider/js/advps.frnt.script.js?ver=6.0.2
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/advanced-post-slider/js/advps.frnt.script.js?ver=6.0.2
IP
GET /wp-content/plugins/advanced-post-slider/js/advps.frnt.script.js?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 23 Jul 2022 03:23:13 GMT
vary: Accept-Encoding
etag: W/"62db69a1-398"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-admin/admin-ajax.php
200 OK 0 B URL HTTP/2 oh42fifty.org/wp-admin/admin-ajax.php
IP
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 51
Origin: https://oh42fifty.org
Connection: keep-alive
Referer: https://oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:23 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
set-cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220; expires=Thu, 06-Oct-2022 22:16:20 GMT; Max-Age=1798; path=/
access-control-allow-origin: https://oh42fifty.org
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
200 OK 0 B URL HTTP/2 oh42fifty.org/2020/01/24/top-8-films-of-the-80s/
IP
Analyzer Verdict Alert fortinet Phishing
GET /2020/01/24/top-8-films-of-the-80s/ HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Accept-Encoding, Cookie
set-cookie: ppwp_wp_session=41eca929fc09b8b28545a01e946c0900%7C%7C1665094580%7C%7C1665094220; expires=Thu, 06-Oct-2022 22:16:20 GMT; Max-Age=1800; path=/
x-pingback: https://oh42fifty.org/xmlrpc.php
link: <https://oh42fifty.org/wp-json/>; rel="https://api.w.org/", <https://oh42fifty.org/wp-json/wp/v2/posts/7126>; rel="alternate"; type="application/json", <https://wp.me/p8wMdF-1QW>; rel=shortlink
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:46:21 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 06 Oct 2023 21:46:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
192.0.78.239
93.184.220.29
104.18.21.226
23.36.76.226