firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 21:08:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V2N6mfOv-X6KlGdeZr_Kq6V985nXSq66teQZtMzS9-kGXW3sHDFfdg==
Age: 3491
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15371
Expires: Thu, 08 Sep 2022 02:23:11 GMT
Date: Wed, 07 Sep 2022 22:07:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7otcBugbclfm4xHFAXU_byN3YNohlmir_KOylOsIyRTIxYkp88VnlA==
age: 66026
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 22:07:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bettervision2020.com/
301 Moved Permanently 20 B IP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 22:07:00 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://bettervision2020.com/
Cache-Control: max-age=0
Expires: Wed, 07 Sep 2022 22:07:00 GMT
Keep-Alive: timeout=2, max=500
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 21:38:18 GMT
Expires: Wed, 07 Sep 2022 22:05:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TQKBVnAkgspa-qviCO89zZofIT7sZgjrZ-qkHVcjSTyQZTYILIqHbA==
Age: 1723
ocsp.digicert.com/
200 OK 471 B IP
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Last-Modified: Wed, 07 Sep 2022 21:12:09 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
bettervision2020.com/
200 OK 18 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20800), with CRLF, CR, LF line terminators
Hash d30a080308cb2a46ff17ec167168664f
11f57958e37250f5d4fb448d15aa72ee76f66a37
9c1df1a8c7b3717c376fb18f2223d07ba8c638b2154a0075f0bd0256c8072a26
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 07 Sep 2022 14:39:04 GMT
accept-ranges: bytes
content-length: 17566
cache-control: max-age=0
expires: Wed, 07 Sep 2022 22:07:01 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
IP
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 11:09:47 GMT
expires: Thu, 07 Sep 2023 11:09:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 39434
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3
200 OK 7.4 kB URL HTTP/2 bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3
IP
Hash 4d4d57e417715717bc062849cde5fc1c
ed29086757c74aa094bee6cab4e7d49b526d1f88
263ef5bd84d5ca78e4d016226981ed31de2928e872f5c7cb4c04d505ede65f36
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 31 May 2021 14:27:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 7420
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
200 OK 9.2 kB URL HTTP/2 bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
IP
File type HTML document, ASCII text, with very long lines (25075)
Hash 6fd993295c10af28ab2c97111929ac30
800fffb83a99e8bc9de54cc783b741dc203939d0
f11a157690810efe6d8654ef9a3ff8fe10e41bebd0c0d8cd36f7e229750f2dec
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 31 May 2021 14:27:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 9161
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.5.75
200 OK 6.1 kB URL HTTP/2 bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.5.75
IP
File type ASCII text, with very long lines (24110)
Hash 7ab8d3ba1d5a2f96626648b90fdc55c5
558a2a26ffdaf36cc5d4edac62c7d680f2fa7910
69d9815a8ea613418eb73030fdc9f746802282ca698358fbb7bf9b9b817e6c63
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.5.75 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 31 May 2021 14:27:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 6141
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1
200 OK 2.5 kB URL HTTP/2 bettervision2020.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1
IP
Hash ea83177d4cb30222e59c38dd78299698
eb099c8f87e5b17f2cdc5ba76b0f6c683391d0bf
39137ee3995c87d76315d9725ec88d8b631a559adb6b37a4f655703701e59ef2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 31 May 2021 14:27:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 2460
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6WYDeWd4kSRJCSn0ba9eeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J9TK0CjBBWcEI+ZetHXhCf4dnWA=
bettervision2020.com/wp-content/cache/min/1/147db3552b227eedc58c4d99ee3a1734.css
200 OK 41 kB URL HTTP/2 bettervision2020.com/wp-content/cache/min/1/147db3552b227eedc58c4d99ee3a1734.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash d61c46dde4be28bd88ffa9edd3768455
e0d26ecb376a1ccb1fdcb0fa0e7574d9c52d5050
0c9365e40a3ba88dd3fb544707085daf7b0e8a11a39f31ca7550de99afa3a850
GET /wp-content/cache/min/1/147db3552b227eedc58c4d99ee3a1734.css HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 15 Dec 2021 22:27:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 07 Sep 2023 22:07:01 GMT
content-encoding: gzip
content-length: 40769
content-type: text/css; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/cache/min/1/wp-content/themes/revolutionary-child/assets/wow-0a837544c93e5b9f73fe60e5408344de.js
200 OK 1.8 kB URL HTTP/2 bettervision2020.com/wp-content/cache/min/1/wp-content/themes/revolutionary-child/assets/wow-0a837544c93e5b9f73fe60e5408344de.js
IP
File type ASCII text, with very long lines (4915)
Hash b8a26168712cce281f6583198ec26472
51b64ab025d0828ec992be2e4ed40e3f96062400
c6ff31f0226cce5be8d4379d5371a084fa6d12757244fdc319abd3e64219f93f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/themes/revolutionary-child/assets/wow-0a837544c93e5b9f73fe60e5408344de.js HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 31 Aug 2022 10:39:51 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 1775
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/cache/min/1/wp-content/themes/mts_schema/js/customscript-7dbb24751680ebea24b9ae378fc2acfd.js
200 OK 2.3 kB URL HTTP/2 bettervision2020.com/wp-content/cache/min/1/wp-content/themes/mts_schema/js/customscript-7dbb24751680ebea24b9ae378fc2acfd.js
IP
File type ASCII text, with very long lines (1577)
Hash 13091c456fdf33bd3fb4cfc51dbc827d
2a0867065a3c9385df5b1c3a1d344b80f833b8d7
3dbf18b0264e07320494b418d1d37cb012dbdd4f3603a9b7d8d002d694f7f587
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/themes/mts_schema/js/customscript-7dbb24751680ebea24b9ae378fc2acfd.js HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 31 Aug 2022 10:39:51 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 2278
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/themes/revolutionary-child/assets/slick.min.js?ver=5.7.7
200 OK 11 kB URL HTTP/2 bettervision2020.com/wp-content/themes/revolutionary-child/assets/slick.min.js?ver=5.7.7
IP
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash 8e88253794d5d6521963e74c0c6fb17d
48658773d7289a2ab3fd478ab341b16112d45f4a
3d81fae85230aad3783e1c1f45e5f2be708ec796eb134daab7045fa8dc310436
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/revolutionary-child/assets/slick.min.js?ver=5.7.7 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Sun, 29 Mar 2020 11:14:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 10783
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.75
200 OK 31 kB URL HTTP/2 bettervision2020.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.75
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 55da2186b65dcbb9f08e586ffde80ad7
d597f3b046a83f86376f6f536cf7d98ccb4aaeed
3bab0249fa30d2d6b9abca642f09460f070f3db52d2f1c26123dd5b9f7b6776c
GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.75 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 31 May 2021 14:27:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 31081
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-includes/js/wp-embed.min.js?ver=5.7.7
200 OK 765 B URL HTTP/2 bettervision2020.com/wp-includes/js/wp-embed.min.js?ver=5.7.7
IP
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.7.7 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Thu, 25 Feb 2021 03:55:08 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 765
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
200 OK 2.7 kB URL HTTP/2 bettervision2020.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
IP
File type ASCII text, with very long lines (7889)
Hash f30be0c895abc6e9806990de4a5c6a3f
4c3a309acb1a36dfc1196d0f99648efecc63edc6
5527d8cc1ff8638d6eb220120e306257877fcaf9c25f1b3e58c428808293a7d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 31 May 2021 14:36:07 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 2704
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/themes/revolutionary-child/assets/parallax.min.js?ver=5.7.7
200 OK 3.2 kB URL HTTP/2 bettervision2020.com/wp-content/themes/revolutionary-child/assets/parallax.min.js?ver=5.7.7
IP
Hash 22fdac16dec7f59a549ce41e7bb18e9e
c149c30d394808478f58c3b68e7f04b112b76a1a
1919d441238781354ea11391b3af555fb51d86bc91f3abf71364ede88eb164a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/revolutionary-child/assets/parallax.min.js?ver=5.7.7 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Sun, 29 Mar 2020 11:14:55 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 3171
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/plugins/wp-accessibility-helper/assets/js/wp-accessibility-helper.min.js?ver=1.0.0
200 OK 2.7 kB URL HTTP/2 bettervision2020.com/wp-content/plugins/wp-accessibility-helper/assets/js/wp-accessibility-helper.min.js?ver=1.0.0
IP
File type ASCII text, with very long lines (8913), with no line terminators
Hash 2b0f810aaf59328ec50bfc239370a7ec
65359cd619953ef5f6a60ee6bf0aa73d1deb07c0
c1832104e14ce49fb11054f1f484b1ec5c11ec5110a7be9d3364e1cd2e63300a
GET /wp-content/plugins/wp-accessibility-helper/assets/js/wp-accessibility-helper.min.js?ver=1.0.0 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 31 May 2021 14:28:06 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 2699
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/themes/mts_schema/js/owl.carousel.min.js
200 OK 14 kB URL HTTP/2 bettervision2020.com/wp-content/themes/mts_schema/js/owl.carousel.min.js
IP
File type ASCII text, with very long lines (32068)
Hash 4bb1f7155dd1e7c15dd972e214db090e
b24931497916110036d29b379b09f72aba8f6431
aa9e6e683063d08ac17e5c157c088510bd1cb6e97899819869cc7f0d13b16464
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/mts_schema/js/owl.carousel.min.js HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 17 Sep 2019 16:33:04 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Fri, 07 Oct 2022 22:07:01 GMT
content-encoding: gzip
content-length: 13561
content-type: application/x-javascript; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/themes/mts_schema/images/nobg.png
200 OK 68 B URL HTTP/2 bettervision2020.com/wp-content/themes/mts_schema/images/nobg.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 73031b554fd75a3df2b54c9fc5d2d654
447a248347bf2e003df3dd1750403068575ee019
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
GET /wp-content/themes/mts_schema/images/nobg.png HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2019 16:33:04 GMT
accept-ranges: bytes
content-length: 68
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 05 Jan 2023 22:07:01 GMT
content-type: image/png
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/themes/mts_schema/style.css
200 OK 13 kB URL HTTP/2 bettervision2020.com/wp-content/themes/mts_schema/style.css
IP
File type Unicode text, UTF-8 text, with very long lines (2006)
Hash a9b4feeeb3600aedc517c74ed631517c
0f48eecaeef53b276e6fa5757a48204513cf47d7
0a37c80eeb52d96cee5f614f5d48ce14d4e3063b6f09e9d76dabdcef7c747798
GET /wp-content/themes/mts_schema/style.css HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/wp-content/cache/min/1/147db3552b227eedc58c4d99ee3a1734.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 17 Feb 2020 23:34:32 GMT
accept-ranges: bytes
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 07 Sep 2023 22:07:01 GMT
content-encoding: gzip
content-length: 13009
content-type: text/css; charset=utf-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bettervision2020.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 135360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bettervision2020.com/wp-content/uploads/2020/03/Better-Vision-Optometric-Center.png
200 OK 23 kB URL HTTP/2 bettervision2020.com/wp-content/uploads/2020/03/Better-Vision-Optometric-Center.png
IP
File type PNG image data, 250 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 4611f1d2f99b39cbed5fbbb7ac80512f
eb5a5dd5474bf17cf2bce96707764f0fbb097c23
25a084179f66720246a0605cffae1f0afacb25479637719de29dee33226f996a
GET /wp-content/uploads/2020/03/Better-Vision-Optometric-Center.png HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 29 Mar 2020 11:17:24 GMT
accept-ranges: bytes
content-length: 22764
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 05 Jan 2023 22:07:02 GMT
content-type: image/png
date: Wed, 07 Sep 2022 22:07:02 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 bettervision2020.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bettervision2020.com/wp-content/cache/min/1/147db3552b227eedc58c4d99ee3a1734.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 17 Sep 2019 16:33:04 GMT
accept-ranges: bytes
content-length: 77160
cache-control: max-age=10368000
expires: Thu, 05 Jan 2023 22:07:02 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Wed, 07 Sep 2022 22:07:02 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/uploads/2020/03/of2.jpg
200 OK 232 kB URL HTTP/2 bettervision2020.com/wp-content/uploads/2020/03/of2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1191x826, components 3\012- data
Size 232 kB (232429 bytes)
Hash 6e60eb94d3cf118d886350f3fe6cd0cc
c3583103526d4cb72162d9ff511f1ea9618b9c51
1e7542f12fefca062c054018974d2cb8676d3045722281c928748e2996af608e
GET /wp-content/uploads/2020/03/of2.jpg HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 29 Mar 2020 11:47:41 GMT
accept-ranges: bytes
content-length: 232429
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 05 Jan 2023 22:07:02 GMT
content-type: image/jpeg
date: Wed, 07 Sep 2022 22:07:02 GMT
server: Apache
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/uploads/2020/03/of1.jpg
200 OK 232 kB URL HTTP/2 bettervision2020.com/wp-content/uploads/2020/03/of1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1265x797, components 3\012- data
Size 232 kB (231735 bytes)
Hash f8d43333d273f4562f1411e1d1309f00
2d86cda20f944e9d484b4f9444857145d2790522
603c69c68dd21ab7b53c4062a173db6dec5d80ab09e8d0b4cd227aa603b609d9
GET /wp-content/uploads/2020/03/of1.jpg HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 29 Mar 2020 11:47:18 GMT
accept-ranges: bytes
content-length: 231735
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 05 Jan 2023 22:07:02 GMT
content-type: image/jpeg
date: Wed, 07 Sep 2022 22:07:02 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de50d39318f58f490483c86aecd38e4c
f92177f493cb7bab9c5ce67f6b41f9214920907d
8bca037d0d46ddd72b4c1bbfc2829f96bc9e7bfb28724af3010f1441d14b7180
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 07 Sep 2022 20:41:12 GMT
expires: Wed, 07 Sep 2022 22:41:12 GMT
cache-control: public, max-age=7200
age: 5150
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 21:47:07 GMT
expires: Wed, 07 Sep 2022 22:47:07 GMT
cache-control: public, max-age=3600
age: 1195
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de50d39318f58f490483c86aecd38e4c
f92177f493cb7bab9c5ce67f6b41f9214920907d
8bca037d0d46ddd72b4c1bbfc2829f96bc9e7bfb28724af3010f1441d14b7180
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 22:07:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bettervision2020.com/wp-content/themes/mts_schema/images/favicon.png
200 OK 4.2 kB URL HTTP/2 bettervision2020.com/wp-content/themes/mts_schema/images/favicon.png
IP
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cd9877ac8b6f799cca5d9ee2b784ecd
46696bec58e775cf809dab4969c8f1da036c384b
8a43af0fa70295eb53f1abd57fcdbe8a84b2b9345bfc07f544775aa09be4689f
GET /wp-content/themes/mts_schema/images/favicon.png HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2019 16:33:04 GMT
accept-ranges: bytes
content-length: 4166
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 05 Jan 2023 22:07:02 GMT
content-type: image/png
date: Wed, 07 Sep 2022 22:07:02 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=1121211203&t=pageview&_s=1&dl=https%3A%2F%2Fbettervision2020.com%2F&ul=en-us&de=UTF-8&dt=Optometrist%20in%20Fayetteville%2C%20NC%20%7C%20Better%20Vision%20Optometric%20Center&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAAUAjAAAAAC~&jid=1642383214&gjid=1109400921&cid=1266836802.1662588416&tid=UA-162524496-6&_gid=760254473.1662588416&_r=1&_slc=1&z=742636016
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1121211203&t=pageview&_s=1&dl=https%3A%2F%2Fbettervision2020.com%2F&ul=en-us&de=UTF-8&dt=Optometrist%20in%20Fayetteville%2C%20NC%20%7C%20Better%20Vision%20Optometric%20Center&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAAUAjAAAAAC~&jid=1642383214&gjid=1109400921&cid=1266836802.1662588416&tid=UA-162524496-6&_gid=760254473.1662588416&_r=1&_slc=1&z=742636016
IP
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j96&a=1121211203&t=pageview&_s=1&dl=https%3A%2F%2Fbettervision2020.com%2F&ul=en-us&de=UTF-8&dt=Optometrist%20in%20Fayetteville%2C%20NC%20%7C%20Better%20Vision%20Optometric%20Center&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAAUAjAAAAAC~&jid=1642383214&gjid=1109400921&cid=1266836802.1662588416&tid=UA-162524496-6&_gid=760254473.1662588416&_r=1&_slc=1&z=742636016 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://bettervision2020.com
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://bettervision2020.com
date: Wed, 07 Sep 2022 22:07:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png
200 OK 12 kB URL HTTP/2 bettervision2020.com/wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png
IP
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash d03258c9b842257bdd7d3331ba489bb8
ab1a27211a737e7ae1ec7669e47b68dfbcf17901
6e5ff69148e2ce3877182bf1ec70d1e01abc680cb0c1dd9b28e5b1ef4239d5d2
GET /wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2019 16:33:04 GMT
accept-ranges: bytes
content-length: 12485
cache-control: public, must-revalidate, proxy-revalidate, public
expires: Thu, 05 Jan 2023 22:07:02 GMT
content-type: image/png
date: Wed, 07 Sep 2022 22:07:02 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10226
Expires: Thu, 08 Sep 2022 00:57:28 GMT
Date: Wed, 07 Sep 2022 22:07:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10226
Expires: Thu, 08 Sep 2022 00:57:28 GMT
Date: Wed, 07 Sep 2022 22:07:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10226
Expires: Thu, 08 Sep 2022 00:57:28 GMT
Date: Wed, 07 Sep 2022 22:07:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq64HbCIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:42:06 GMT
age: 1496
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 11fdc239-01ad-4031-947b-5522e4f3eb0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrVCG9KIAMFb6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bf53-62404fcd44c49b0a09de8f9b;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:44:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tyv2j7Q_SkmwmknhE2LoW5aAXDsdLTcXHfNnQY3qMjTJtpKNEzNebQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:49:34 GMT
age: 1048
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:12:06 GMT
age: 60896
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bettervision2020.com/wp-content/uploads/2019/05/ek-carousel-pattern.png
404 Not Found 22 kB URL HTTP/2 bettervision2020.com/wp-content/uploads/2019/05/ek-carousel-pattern.png
IP
Hash ab5bd50bbe85efa45af591cb362e90c1
ed04b01f7487bf42b4d39a8d72ba34e9ea603b48
cdf9e221512b31d7a8521d5f61cd47773594d4f49dac64d068d5f3ec4236c7b0
GET /wp-content/uploads/2019/05/ek-carousel-pattern.png HTTP/1.1
Host: bettervision2020.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://bettervision2020.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 22:07:01 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 85950
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:57:21 GMT
age: 581
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu%7COpen%20Sans%3Anormal%7COpen%20Sans%3A600%7COpen%20Sans%3A700&subset=greek%2Clatin%2Cgreek-ext%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic,latin&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu%7COpen%20Sans%3Anormal%7COpen%20Sans%3A600%7COpen%20Sans%3A700&subset=greek%2Clatin%2Cgreek-ext%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic,latin&display=swap
IP
GET /css?family=Ubuntu%7COpen%20Sans%3Anormal%7COpen%20Sans%3A600%7COpen%20Sans%3A700&subset=greek%2Clatin%2Cgreek-ext%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic,latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bettervision2020.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 22:07:01 GMT
date: Wed, 07 Sep 2022 22:07:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
67.225.140.87
23.36.77.32
93.184.220.29