oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions
192.0.78.239301 Moved Permanently 162 B URL HTTP/1.1 oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions
IP 192.0.78.239:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /2019/01/17/nfl-conference-championship-weekend-predictions HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 08 Oct 2022 20:08:08 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions
X-ac: 3.arn _atomic_ams BYPASS
firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1aac651ec250c598683dd17ca2002c07
11595ac82e017f95190c2a36dc77323a3fedcbfc
93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 08 Oct 2022 19:38:24 GMT
Expires: Sat, 08 Oct 2022 20:23:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KFK9IwZKpe0eUMerLe_gPP9Hd8KLmOXmrR0B-6Cpd9pWtYLPglTldw==
Age: 1784
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2709
Expires: Sat, 08 Oct 2022 20:53:17 GMT
Date: Sat, 08 Oct 2022 20:08:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7cba6aada5c0a04c1c0644769c09f64e
ed02f174a9b718951911343af8ec181c6d205b1d
ba863e734d5d38ed160758ab0b09d1b0f44fc795dcbcee4199329b011fcd1bd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA863E734D5D38ED160758AB0B09D1B0F44FC795DCBCEE4199329B011FCD1BD1"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2647
Expires: Sat, 08 Oct 2022 20:52:15 GMT
Date: Sat, 08 Oct 2022 20:08:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0+goCWafTCgqe29e5XsYJUg0mN76YNnIZXUivro+02rSShL0rZnVtTz0kBOpTKXLFrEQRzgrchk=
x-amz-request-id: JYP211PQFGFMH0MR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 19:31:46 GMT
age: 2182
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 08 Oct 2022 19:29:41 GMT
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 20:23:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2SmQ7TESV1YUQ0lFzL6gNRKussTAsV_Wp5NxnXQELUuuqhNKabdjlg==
Age: 2307
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5479444ef227af03029fbb9d154f0107
0563678ec07ab3707b716ca4c638ece4c8ad7de4
4850d49786a140003b90ae108104ffbfe80a6e0d9f584656a09f0fff11dc9d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5949
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:09 GMT
Last-Modified: Sat, 08 Oct 2022 18:29:00 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.158.59101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t6FUorqRG2BFISYAFY/Dmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lUap4/LVjv3xXcG/0mp/NgiA/XI=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-images.mailchimp.com/embedcode/classic-10_7.css
54.230.217.92200 OK 1.3 kB URL HTTP/1.1 cdn-images.mailchimp.com/embedcode/classic-10_7.css
IP 54.230.217.92:0
File type ASCII text, with very long lines (398)
Hash c74ba4de1e990be8d3c913034c1ba5b4
67a33e92ecc8312ed6a60ddafe8eb61792d988bc
e210f74d985ed4922d3dd7b60092b3daaf1382446438a5fab9aa002da16bf1cd
GET /embedcode/classic-10_7.css HTTP/1.1
Host: cdn-images.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Dec 2015 16:52:30 GMT
x-amz-version-id: null
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 08 Oct 2022 05:17:15 GMT
ETag: W/"ae0fc9b84c30cada1784022044962394"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LRTl_2zD5qZonYYIc6P2cVT2S-ZKUyMeqj4bR10Z-BiGKRC6uIyxqQ==
Age: 53460
cdn.jsdelivr.net/npm/css-element-queries@1.2.2/src/ResizeSensor.min.js?ver=1.2.2
151.101.85.229200 OK 1.8 kB URL HTTP/2 cdn.jsdelivr.net/npm/css-element-queries@1.2.2/src/ResizeSensor.min.js?ver=1.2.2
IP 151.101.85.229:0
File type ASCII text, with very long lines (3803)
Hash babc5019b367a13238a520c9a6864ebd
245cd55bd95fbb5401bc124f4227cf819ab2444e
4d37e7082ffec4ac2afa5188e0adaef653a0e7faac255d9ed888d53efaf932dc
GET /npm/css-element-queries@1.2.2/src/ResizeSensor.min.js?ver=1.2.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.2.2
x-jsd-version-type: version
etag: W/"1034-thrJ34sByVtsbgGEAc78PSCmfTo"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 08 Oct 2022 20:08:10 GMT
age: 5852485
x-served-by: cache-fra19161-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1772
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 5.1 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash ad0e58dbad385cecc627e0b10d1930d3
1ffd2d2dbc9bc6b113ff40f05bea18e9c5b2ea9f
07c66e581312ab656c80dd094589e129ddbc5da4430c40cb19b9eee8d0c5be3d
GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 20:08:10 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 946e07b74699d9ab605815bf1ac3d345
1d62f15a40cc5d6ec3ac7e3c6c0f68dd84d4f42a
1090903354433a2296513dbab8c878c4b4b814de8c4fdb7ec78aaae556773576
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:08:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "89C41FEA6B86564A75AC34B5755F0E724367F8C0"
Expires: Sun, 09 Oct 2022 07:00:00 GMT
Last-Modified: Sat, 08 Oct 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 149
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 757181c89da8b518-OSL
oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
192.0.78.239200 OK 5.5 kB URL HTTP/2 oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
IP 192.0.78.239:0
File type ASCII text, with very long lines (2134)
Hash ebcb63eff39695a8c0c0a3e326c54b8e
9a544f4e76e70e9913a36c4b5150067042a0d193
8677d5dacd676c95f7056f5f434e6f8d7e8a0236dd775336ba846ca25ec8474e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 15:54:45 GMT
vary: Accept-Encoding
etag: W/"633da8c5-30cd"
expires: Sat, 15 Oct 2022 20:08:10 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oh42fifty.org/wp-content/plugins/advanced-post-slider/bxslider/jquery.bxslider.min.js?ver=6.0.2
192.0.78.239200 OK 5.7 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/advanced-post-slider/bxslider/jquery.bxslider.min.js?ver=6.0.2
IP 192.0.78.239:0
File type ASCII text, with very long lines (19040)
Hash 9f90f8a880a132ece043cda803b6fd9d
e9754cd0f481ce2692f3e350a2568722201ca345
d3abd13c7e18be0b6401605d4341a004c0881bcb904fb15a89547a9ee6f8913a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/advanced-post-slider/bxslider/jquery.bxslider.min.js?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 23 Jul 2022 03:23:13 GMT
vary: Accept-Encoding
etag: W/"62db69a1-4b9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (43771)
Hash 9d6b3178bdd9c4ca0846c4cfb240adcb
61845a074007adba45fd652f76ba358ac00fe380
c7a7eb44899248955ca94c21682e91158d3f4e3a47e00352b19a6fcd329fd2ad
GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 20:08:10 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/themes/Newsmag/style.css?ver=5.2.1
192.0.78.239200 OK 26 kB URL HTTP/2 oh42fifty.org/wp-content/themes/Newsmag/style.css?ver=5.2.1
IP 192.0.78.239:0
File type ASCII text, with very long lines (1412)
Hash d45280d77cbb24ee6b19c3a81dbeab78
927b342a45d3096be33877cd5332d2512569dc57
19ca616082b0232a9937061f79ba428187dd1119d09fb392eede66ca446841d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Newsmag/style.css?ver=5.2.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:36 GMT
vary: Accept-Encoding
etag: W/"631b7404-25662"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
stats.wp.com/e-202240.js
192.0.76.3200 OK 30 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash d4a619d10bed83596418bdc2e579eea9
6904b17aa13e20c31a1fb14baad3a939b7038851
869439f5b99477ddae6d0ab0809b363c7ec9f82488cd6d607c29e990d33a5ddc
GET /e-202240.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 25 Sep 2023 06:12:14 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.195200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oh42fifty.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:59:14 GMT
expires: Tue, 03 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 436136
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/uploads/2019/10/42Fifty_Oct_Bannerfix-1024x291.png
192.0.78.239200 OK 47 kB URL HTTP/2 oh42fifty.org/wp-content/uploads/2019/10/42Fifty_Oct_Bannerfix-1024x291.png
IP 192.0.78.239:0
File type PNG image data, 1024 x 291, 8-bit/color RGBA, non-interlaced\012- data
Hash 141cff316d4bda54be994c387fdade66
df8d6ab51b674a2f32addb3dfd0f44eb722ce908
cd3fc89ba9c64f2cba8e1b0208071ac9e058e9207b8aeb740a9ceefa3f0a6392
GET /wp-content/uploads/2019/10/42Fifty_Oct_Bannerfix-1024x291.png HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: image/png
content-length: 46879
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Oct 2019 16:26:32 GMT
etag: "5d9f5bb8-b71f"
accept-ranges: bytes
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oh42fifty.org/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5-a.1
192.0.78.239200 OK 17 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5-a.1
IP 192.0.78.239:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 27eea270535b13266a40018359b93562
5e7853e1fef0ffaa817919840d31c8d21ce6ecb9
35dd36d582a59dddd01a552d6c4b4134c7b3e6bcfd8be0915a891bb48142edd5
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5-a.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Sep 2022 17:43:06 GMT
vary: Accept-Encoding
etag: W/"632c9eaa-14ef8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.2.0
192.0.78.239200 OK 3.3 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.2.0
IP 192.0.78.239:0
File type ASCII text, with very long lines (13825), with no line terminators
Hash c8eed22c6e3a7bf67ee8b1dbbe609963
3d3e68769e77addef4da8eb3326eb762d81cf036
74917b2c4c533d47997e46d1f053583625a684cb2c8f0052dad1dd80ff26d91f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-3601"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/post-content-shortcodes/styles/default-styles.css?ver=1.0
192.0.78.239200 OK 985 B URL HTTP/2 oh42fifty.org/wp-content/plugins/post-content-shortcodes/styles/default-styles.css?ver=1.0
IP 192.0.78.239:0
Hash 50d28b5f4c99afa1758ca18f0b27d8e8
25e0f591b6fac49cbd4ae2025262fc968ad326e3
5e786867f2bb57f2401b17d8725ba79f9f7d6edc23c269254f6e01fe892515c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/post-content-shortcodes/styles/default-styles.css?ver=1.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2019 15:47:27 GMT
vary: Accept-Encoding
etag: W/"5c910f0f-53d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/slick.css?ver=1.5.5
192.0.78.239200 OK 1.0 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/slick.css?ver=1.5.5
IP 192.0.78.239:0
File type ASCII text, with very long lines (339)
Hash 6e5af6eb5b671174966aea638aa62260
eea6b9e7680314048534ae3d8425170ed6f71bc6
8841d7b39174e7bda59b23e7366cb3657c32e8d6a30c2bccde3e7bdd2ae2b6d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/slick.css?ver=1.5.5 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 20:10:34 GMT
vary: Accept-Encoding
etag: W/"6335fbba-627"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Y_VpleudG3M2sQd7mFGVhPvfULiNQl3YY8xuhiTnTE5VIC64O8vqMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:44:19 GMT
age: 80631
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.2.0
192.0.78.239200 OK 26 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.2.0
IP 192.0.78.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ac68298fc657dbdb9935270b98256e13
59a085ada9504827150d36f0e08ed38f837b29ae
1046c8145862b400630fcd85491600f88c47255939b94c83cfa92e5608f224a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-18549"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/wtpsw-public.css?ver=1.5.5
192.0.78.239200 OK 7.3 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/wtpsw-public.css?ver=1.5.5
IP 192.0.78.239:0
File type ASCII text, with CRLF line terminators
Hash ef9f8575e83591081b7710e8d8d629f5
ea489dd3d970a9616cef1eb3429ac360fda972b9
28fb23ad1480a9ed7d2a37672b1af7fb904625c027db300774993a9e516abb8b
GET /wp-content/plugins/wp-trending-post-slider-and-widget/assets/css/wtpsw-public.css?ver=1.5.5 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 20:10:34 GMT
vary: Accept-Encoding
etag: W/"6335fbba-2861"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc50d1380ae8fc980ae1cc38f2371c7
be79aecfd7eefa89c409ed743402a292ff0ce6c0
43e015802ba453d4cd79984b53efa8a529ece62760f6693f9daeb2388179201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6366
x-amzn-requestid: ddcd915d-2606-4243-969e-19fb02b5b6d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1EJGoSIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb3-1c7bd17a2dcdd25e4da6d346;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Cm4uaStVKEsemoOHrc04J9qNysQJoMB7-R8LEzmlRXt47mpXi2NRPA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:50:12 GMT
age: 80278
etag: "be79aecfd7eefa89c409ed743402a292ff0ce6c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607
192.0.78.239200 OK 5.5 kB URL HTTP/2 oh42fifty.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607
IP 192.0.78.239:0
Hash f7524cf38e6237fc780190e9329b20c8
d1d8579d2944d6cca58eda22cef1b100fd1e46df
91433f0cd26ea6141b17ef394cdfb62d14d66edac9f7baebc0dabe40b41053a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 15:54:45 GMT
vary: Accept-Encoding
etag: W/"633da8c5-33c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcf23b32642f7a82a0a7d734a631bca
9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7
add9aab4427819610f8d693758a752910cf314346e974b7636a82381ab9daa4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4252
x-amzn-requestid: 8d6a225c-6389-4f20-9b90-494841f47c99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R4GjCIAMFX-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-4076dc933185d9fd6b68e802;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Wb1JAlWtR9sSEi_KuYZivvMivSxZjo92LGpWgFppol5zgapK6eQ-dg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7"
content-type: image/jpeg
age: 81054
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/themes/Newsmag/images/icons/newsmag.woff?16
192.0.78.239200 OK 24 kB URL HTTP/2 oh42fifty.org/wp-content/themes/Newsmag/images/icons/newsmag.woff?16
IP 192.0.78.239:0
File type Web Open Font Format, TrueType, length 23816, version 0.0\012- data
Hash 2c645a0b66cc091ea551375f2ba3b058
6b5f29da9636bccc7122ad5704b215fbdef79c03
e3619033670d012da540e2154524e4d1a05420a5064767239f5cd8911f75c9aa
GET /wp-content/themes/Newsmag/images/icons/newsmag.woff?16 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://oh42fifty.org/wp-content/themes/Newsmag/style.css?ver=5.2.1
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128; redirect=1665346090
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/font-woff
content-length: 23816
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:36 GMT
etag: "631b7404-5d08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.5-a.1&blog=126022543&post=4047&tz=-5&srv=oh42fifty.org&hp=atomic&ac=2&=0&host=oh42fifty.org&ref=&fcp=2715&rand=0.07792962813441262
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.5-a.1&blog=126022543&post=4047&tz=-5&srv=oh42fifty.org&hp=atomic&ac=2&=0&host=oh42fifty.org&ref=&fcp=2715&rand=0.07792962813441262
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.5-a.1&blog=126022543&post=4047&tz=-5&srv=oh42fifty.org&hp=atomic&ac=2&=0&host=oh42fifty.org&ref=&fcp=2715&rand=0.07792962813441262 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.2
192.0.78.239200 OK 51 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.2
IP 192.0.78.239:0
File type ASCII text, with very long lines (14965), with no line terminators
Hash 7c2a6045c7b69187e9e90a1a1576615e
bbbd3f236bb427571ce3268b5ebcb7620adab349
dd1908902f58000f512850ec37d46904e5fe9f4c086577dd9cdce35a79398f58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-3a75"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png?fit=192%2C192&ssl=1
192.0.77.2200 OK 3.3 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png?fit=192%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 38a6380545f2f916a80343b6cfeb8162
3e2bb81c3f72c1615c43f7f1d53400d6aa0cae15
94312b98eddf1e1966162a5b3ca7299f319a6050f9e1ca3ca207ec2b536a2642
GET /oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: image/webp
content-length: 3314
last-modified: Thu, 06 Oct 2022 21:46:22 GMT
expires: Sun, 06 Oct 2024 09:46:22 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png>; rel="canonical"
x-content-type-options: nosniff
etag: "c57017e86687c367"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png?fit=32%2C32&ssl=1
192.0.77.2200 OK 626 B URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 723a39bd71682e3d7b4b461aae5f75f2
91fc161bfd910a0a0f6ea2a2bb76f841557dac2b
c93284494fdcf4e463e627534b1224d811c52232b25a1040d42a8efbe589c0dd
GET /oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: image/webp
content-length: 626
last-modified: Thu, 06 Oct 2022 21:46:22 GMT
expires: Sun, 06 Oct 2024 09:46:22 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2020/03/cropped-42fifty_logo-e1540586978540.png>; rel="canonical"
x-content-type-options: nosniff
etag: "1976fd34bc989c1b"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=wp_user_avatar&forcedefault=y&r=G
192.0.73.2302 Found 0 B URL HTTP/2 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=wp_user_avatar&forcedefault=y&r=G
IP 192.0.73.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=wp_user_avatar&forcedefault=y&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://i0.wp.com/wp_user_avatar
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=wp_user_avatar&forcedefault=y&r=G>; rel="canonical"
expires: Sat, 08 Oct 2022 20:13:11 GMT
cache-control: max-age=300
x-nc: HIT arn 3
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0aca7edf23f6d8fb3c0b5a89400d3118
67e4a61460cb43d6882f3378d0455835d323c63f
acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
0.gravatar.com/dist/css/hovercard.min.css?ver=202240z
192.0.73.2200 OK 1.8 kB URL HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202240z
IP 192.0.73.2:0
File type ASCII text, with very long lines (7814), with no line terminators
Hash 8361744368b8cd0a2c629d42437b0f6c
662e61e5253acf429e1344c5f047f74e5c02071e
0889bce9f985d43c131446932da1058d04712d5af2c8d3ad0ea691efad02ef86
GET /dist/css/hovercard.min.css?ver=202240z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Sat, 15 Oct 2022 20:08:11 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 54 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2910)
Hash 3afa612c1c1a50c5f872f36e225e5a6a
4c8492581dc293875c39ef8564fd0c8885b8d53f
82d9a545ee1d98b202360065a52a23fdfba3f3e3ea78cd8f3c6d36a5a6fb11ac
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 08 Oct 2022 20:08:11 GMT
expires: Sat, 08 Oct 2022 20:08:11 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14906752503862405743
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0aca7edf23f6d8fb3c0b5a89400d3118
67e4a61460cb43d6882f3378d0455835d323c63f
acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221003/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sat, 08 Oct 2022 05:39:19 GMT
expires: Sat, 22 Oct 2022 05:39:19 GMT
cache-control: public, max-age=1209600
age: 52132
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2019/01/fdsafdsa.png?resize=640%2C360&ssl=1
192.0.77.2200 OK 90 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2019/01/fdsafdsa.png?resize=640%2C360&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b3e5767b1f55541b48296e2d2ed2408f
2c34a85583957febaea7989af5199aecafae96f4
ae093ec971e3fe51f801ba53eb9a864c910114e24a9cb9704654c25f62b4d9ce
GET /oh42fifty.org/wp-content/uploads/2019/01/fdsafdsa.png?resize=640%2C360&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:12 GMT
content-type: image/webp
content-length: 89962
last-modified: Sat, 08 Oct 2022 20:08:12 GMT
expires: Tue, 08 Oct 2024 08:08:12 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2019/01/fdsafdsa.png>; rel="canonical"
x-content-type-options: nosniff
etag: "75cdaefd3d1118bf"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png?resize=100%2C75&ssl=1
192.0.77.2200 OK 14 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png?resize=100%2C75&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fae04eb3d354192f06fef6b5aa79bf60
fba5bb4766a7b52f336273a9a84caae0394accc6
c4f9f6a19da5f1d179b70e4582b753ffa29fe333690332dcf7f7ecc3bf9f767f
GET /oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:12 GMT
content-type: image/webp
content-length: 13868
last-modified: Thu, 06 Oct 2022 21:46:23 GMT
expires: Sun, 06 Oct 2024 09:46:23 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/66A77A1F-8C19-4A38-8CC1-A720F6EFA52A-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "ce5444941dcbfd18"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg?resize=100%2C75&ssl=1
192.0.77.2200 OK 1.8 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg?resize=100%2C75&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x75, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73b347b3c6b63d34945fc31108471658
b120d6c5f4aa4b69fff8e46fedfb35803fb4f942
29a76d0104cf54794a69b756e493cc596f87189a409e07569c9e190438c25fc0
GET /oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:12 GMT
content-type: image/webp
content-length: 1800
last-modified: Thu, 06 Oct 2022 21:46:24 GMT
expires: Sun, 06 Oct 2024 09:46:24 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/IMG-1418.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "095cc50630b16af7"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/dress-code-image-1.png?resize=100%2C75&ssl=1
192.0.77.2200 OK 12 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/dress-code-image-1.png?resize=100%2C75&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7bb6e48cc1a6172cf12fd43ba8aba200
8197f07a12c1bad4d63e0d8d68134799e2be3b49
c3af9eb559ee797a0e4acce251ac25379b357777c3cc76cf18b90ad1b931b7af
GET /oh42fifty.org/wp-content/uploads/2022/09/dress-code-image-1.png?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:12 GMT
content-type: image/webp
content-length: 11766
last-modified: Thu, 06 Oct 2022 21:46:30 GMT
expires: Sun, 06 Oct 2024 09:46:30 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/dress-code-image-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "20f18ed49a13be2b"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png?resize=100%2C75&ssl=1
192.0.77.2200 OK 5.2 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png?resize=100%2C75&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ef3c35bbccab189b05b77df02f825840
506ad332edc8485700f6e6cf468008df6bdeeb0a
a9fab587f63151e4369596f8cebc15aa22a7b3aa23217ff6a751612cf513e20d
GET /oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:12 GMT
content-type: image/webp
content-length: 5236
last-modified: Thu, 06 Oct 2022 21:46:23 GMT
expires: Sun, 06 Oct 2024 09:46:23 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/09/5C7CACF0-AB38-4BAB-BBFF-58B4B1E6B33B-e1664467911652.png>; rel="canonical"
x-content-type-options: nosniff
etag: "170d334b26147572"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oh42fifty.org/wp-content/uploads/2022/10/IMG_7814.jpg?resize=100%2C75&ssl=1
192.0.77.2200 OK 11 kB URL HTTP/2 i0.wp.com/oh42fifty.org/wp-content/uploads/2022/10/IMG_7814.jpg?resize=100%2C75&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d0480eaf4e654397f2f0c2eed7343ab0
c84a17e9ed20c66a75212ca2d85968311401dca2
d35675262cdb6f7b2744f44f72fe904407b9c32264049e41d45eabc95d14fe1d
GET /oh42fifty.org/wp-content/uploads/2022/10/IMG_7814.jpg?resize=100%2C75&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:12 GMT
content-type: image/webp
content-length: 11236
last-modified: Sat, 08 Oct 2022 20:08:12 GMT
expires: Tue, 08 Oct 2024 08:08:12 GMT
cache-control: public, max-age=63115200
link: <https://oh42fifty.org/wp-content/uploads/2022/10/IMG_7814.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5929db916b92d1e7"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 07e328c57909afc5a9e79d7d6907e7cf
38f1cc086938281fb5fbbd1877edf17263ae1fda
76c5865adaa292511aeeea981863ca4acbb44f82980998b6aafe64c1f6feedcb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=oh42fifty.org
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=oh42fifty.org
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=oh42fifty.org HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 20:08:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=oh42fifty.org
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=oh42fifty.org
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=oh42fifty.org HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 20:08:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed614138648c241dfe36593a86955126
d481d3eef07867f1625b6668608f1c95490d9df5
cdf207d58794e9f1b514b9d514ef4abae5cfb5d1d70de63420f0529e048ebadd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=oh42fifty.org&callback=_gfp_s_&client=ca-pub-9153099261159525
172.217.21.162200 OK 203 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=oh42fifty.org&callback=_gfp_s_&client=ca-pub-9153099261159525
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 590ade2e3c262d17f2f0945e8ec5623b
51af2f4a3d3273e36eb1024e5a0b7bb755e79684
901206e52ee4301c6d1c1f3567864c22423f350c7555fe662e5bca5270a50175
GET /gampad/cookie.js?domain=oh42fifty.org&callback=_gfp_s_&client=ca-pub-9153099261159525 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 20:08:12 GMT
server: cafe
cache-control: private
content-length: 203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5.2.1
192.0.78.239200 OK 1.4 kB URL HTTP/2 oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5.2.1
IP 192.0.78.239:0
Hash a9fe5ab290b3ad32fd574444f06e319d
cab09a68be2c3840cd748104bf2ef1b03d328a52
4700c180e7a5462b117465b46fa7ba7f368c003b3c35d77aaaaa6a729f864568
GET /wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5.2.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:56 GMT
vary: Accept-Encoding
etag: W/"631b7418-104a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
192.0.77.32200 OK 11 kB URL HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP 192.0.77.32:0
File type Unicode text, UTF-8 text, with very long lines (3416)
Hash 8a19c4c20ba853def6ed9274bab7ca45
61e4b5329dba355e3d357bbfaddf90a51b6b5101
41b09c090035d8ed9e63350d67fcdb97024a7b7e8bab5474867eca170eaa226c
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 08 Oct 2022 20:08:12 GMT
expires: Sat, 08 Oct 2022 20:08:12 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 20:36:17 GMT
expires: Thu, 05 Oct 2023 20:36:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 257515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 89a17c02cdf926b852220408f32d6ad4
c22fb94c77a74cfc00d6b2cc88643afa0563abbe
2a4d9286d35271838cb99d265e2c8dbb851fa80ac2ca293571125188e684a7e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d656fda3666e44e4194593c41ca201e4
c5be31c8df029cd3ead2fedbf369eb6e17ee8708
2178023e0b5b0583d62d17117ed98a5f97a20d232d2db6aea8ce1415d4ef8883
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 08 Oct 2022 20:08:12 GMT
date: Sat, 08 Oct 2022 20:08:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-flmamu_YmWuf_Z1w_b1RlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=oh42fifty.org&url_path=%2F2019%2F01%2F17%2Fnfl-conference-championship-weekend-predictions%2F&nt_fetchStart=1220&nt_domainLookupStart=1220&nt_domainLookupEnd=1220&nt_connectStart=1220&nt_connectEnd=1220&nt_secureConnectionStart=1220&nt_requestStart=1223&nt_responseStart=2060&nt_responseEnd=2076&nt_domLoading=2066&nt_domInteractive=2851&nt_domContentLoadedEventStart=2864&nt_domContentLoadedEventEnd=2959&nt_domComplete=4126&nt_loadEventStart=4126&nt_loadEventEnd=4149&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2715&resource_size=2222510&resource_transferred=545527&js_size=615402&js_transferred=177931&resource_cache_percent=10&js_cache_percent=0&last_resource_end=5305
192.0.76.3204 No Content 0 B URL HTTP/2 pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=oh42fifty.org&url_path=%2F2019%2F01%2F17%2Fnfl-conference-championship-weekend-predictions%2F&nt_fetchStart=1220&nt_domainLookupStart=1220&nt_domainLookupEnd=1220&nt_connectStart=1220&nt_connectEnd=1220&nt_secureConnectionStart=1220&nt_requestStart=1223&nt_responseStart=2060&nt_responseEnd=2076&nt_domLoading=2066&nt_domInteractive=2851&nt_domContentLoadedEventStart=2864&nt_domContentLoadedEventEnd=2959&nt_domComplete=4126&nt_loadEventStart=4126&nt_loadEventEnd=4149&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2715&resource_size=2222510&resource_transferred=545527&js_size=615402&js_transferred=177931&resource_cache_percent=10&js_cache_percent=0&last_resource_end=5305
IP 192.0.76.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=oh42fifty.org&url_path=%2F2019%2F01%2F17%2Fnfl-conference-championship-weekend-predictions%2F&nt_fetchStart=1220&nt_domainLookupStart=1220&nt_domainLookupEnd=1220&nt_connectStart=1220&nt_connectEnd=1220&nt_secureConnectionStart=1220&nt_requestStart=1223&nt_responseStart=2060&nt_responseEnd=2076&nt_domLoading=2066&nt_domInteractive=2851&nt_domContentLoadedEventStart=2864&nt_domContentLoadedEventEnd=2959&nt_domComplete=4126&nt_loadEventStart=4126&nt_loadEventEnd=4149&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2715&resource_size=2222510&resource_transferred=545527&js_size=615402&js_transferred=177931&resource_cache_percent=10&js_cache_percent=0&last_resource_end=5305 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 08 Oct 2022 20:08:15 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/wp-content/js/bilmur.min.js?m=202240
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/js/bilmur.min.js?m=202240
IP 192.0.77.32:0
GET /wp-content/js/bilmur.min.js?m=202240 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b68a-16da"
content-encoding: br
expires: Tue, 03 Oct 2023 00:00:01 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/advanced-post-slider/advps-style.css?ver=6.0.2
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/advanced-post-slider/advps-style.css?ver=6.0.2
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/advanced-post-slider/advps-style.css?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sat, 23 Jul 2022 03:23:13 GMT
vary: Accept-Encoding
etag: W/"62db69a1-19a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.2.0
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.2.0
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-c5ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
IP 192.0.78.239:0
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Wed, 28 Sep 2022 15:27:16 GMT
vary: Accept-Encoding
etag: W/"633467d4-29ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/services.min.css?ver=202240
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/dist/css/services.min.css?ver=202240
IP 192.0.73.2:0
GET /dist/css/services.min.css?ver=202240 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Sat, 15 Oct 2022 20:08:10 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
IP 192.0.77.32:0
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"63242ce6-45a9"
content-encoding: br
expires: Sat, 16 Sep 2023 07:59:40 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJx9i0EOwjAMwD5ElqGiTRwQT0FdG6BrG0aSiu9v2oET4mZZNn4WCC82YsPaYCntkVixpEyK70aNnp5jIelmPeDv2MeaGCYvWL0ayUZg4kPWf1NOWsnAdT3eEoevuMsex+291stxGE5uHM+9m1elpz5a
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??-eJx9i0EOwjAMwD5ElqGiTRwQT0FdG6BrG0aSiu9v2oET4mZZNn4WCC82YsPaYCntkVixpEyK70aNnp5jIelmPeDv2MeaGCYvWL0ayUZg4kPWf1NOWsnAdT3eEoevuMsex+291stxGE5uHM+9m1elpz5a
IP 192.0.77.32:0
GET /_static/??-eJx9i0EOwjAMwD5ElqGiTRwQT0FdG6BrG0aSiu9v2oET4mZZNn4WCC82YsPaYCntkVixpEyK70aNnp5jIelmPeDv2MeaGCYvWL0ayUZg4kPWf1NOWsnAdT3eEoevuMsex+291stxGE5uHM+9m1elpz5a HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 28 Sep 2022 15:11:57 GMT
etag: W/"6334643d-785e"
content-encoding: br
expires: Thu, 28 Sep 2023 15:12:00 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=9051206d0908def74825384f6e829588
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=9051206d0908def74825384f6e829588
IP 192.0.78.239:0
GET /wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=9051206d0908def74825384f6e829588 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:56 GMT
vary: Accept-Encoding
etag: W/"631b7418-92837"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 20:08:10 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.2.0
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.2.0
IP 192.0.78.239:0
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.2.0 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 01 Oct 2022 15:22:14 GMT
vary: Accept-Encoding
etag: W/"63385b26-114c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.13
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.13
IP 192.0.78.239:0
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.27.13 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Sep 2022 03:22:03 GMT
vary: Accept-Encoding
etag: W/"63326c5b-ea3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/molongui-authorship/assets/css/author-box.cf86.min.css?ver=4.6.12
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/molongui-authorship/assets/css/author-box.cf86.min.css?ver=4.6.12
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/molongui-authorship/assets/css/author-box.cf86.min.css?ver=4.6.12 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:26:08 GMT
vary: Accept-Encoding
etag: W/"631b7730-dffd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding
etag: W/"62551487-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.13
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.13
IP 192.0.78.239:0
GET /wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.13 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Sep 2022 03:22:03 GMT
vary: Accept-Encoding
etag: W/"63326c5b-1a3e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-admin/admin-ajax.php
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-admin/admin-ajax.php
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 51
Origin: https://oh42fifty.org
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128; redirect=1665346090
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:12 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
set-cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128; expires=Sat, 08-Oct-2022 20:38:08 GMT; Max-Age=1797; path=/
access-control-allow-origin: https://oh42fifty.org
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions
192.0.78.239301 Moved Permanently 0 B URL HTTP/2 oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /2019/01/17/nfl-conference-championship-weekend-predictions HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 08 Oct 2022 20:08:09 GMT
content-type: text/html; charset=UTF-8
location: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
strict-transport-security: max-age=31536000
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Cookie
set-cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128; expires=Sat, 08-Oct-2022 20:38:08 GMT; Max-Age=1800; path=/
x-pingback: https://oh42fifty.org/xmlrpc.php
x-redirect-by: WordPress
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /2019/01/17/nfl-conference-championship-weekend-predictions/ HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Accept-Encoding, Cookie
set-cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128; expires=Sat, 08-Oct-2022 20:38:08 GMT; Max-Age=1799; path=/
x-pingback: https://oh42fifty.org/xmlrpc.php
link: <https://oh42fifty.org/wp-json/>; rel="https://api.w.org/", <https://oh42fifty.org/wp-json/wp/v2/posts/4047>; rel="alternate"; type="application/json", <https://wp.me/p8wMdF-13h>; rel=shortlink
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/comment-reply.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 20:08:10 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.2.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.2.1
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.2.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 08 Oct 2022 20:08:10 GMT
date: Sat, 08 Oct 2022 20:08:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oh42fifty.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 224719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Dec 2021 16:56:48 GMT
vary: Accept-Encoding
etag: W/"61af9250-2ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
IP 192.0.77.32:0
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Wed, 23 Nov 2022 13:57:43 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/hovercard.min.css?ver=202240
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/dist/css/hovercard.min.css?ver=202240
IP 192.0.73.2:0
GET /dist/css/hovercard.min.css?ver=202240 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Sat, 15 Oct 2022 20:08:10 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.2.1
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.2.1
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.2.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:12:56 GMT
vary: Accept-Encoding
etag: W/"631b7418-3ef2c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 20:08:10 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Libre+Baskerville:r%7COpen+Sans:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Baskerville:r%7COpen+Sans:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Libre+Baskerville:r%7COpen+Sans:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 08 Oct 2022 20:08:10 GMT
date: Sat, 08 Oct 2022 20:08:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/jetpack/modules/wpgroho.js?ver=11.5-a.1
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/jetpack/modules/wpgroho.js?ver=11.5-a.1
IP 192.0.78.239:0
GET /wp-content/plugins/jetpack/modules/wpgroho.js?ver=11.5-a.1 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 28 Jul 2020 17:06:48 GMT
vary: Accept-Encoding
etag: W/"5f205b28-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.13
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.13
IP 192.0.78.239:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.13 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Sep 2022 03:22:03 GMT
vary: Accept-Encoding
etag: W/"63326c5b-5d2d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
jetpack.wordpress.com/jetpack-comment/?blogid=126022543&postid=4047&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=wp_user_avatar&greeting=Leave+a+Reply&jetpack_comments_nonce=b6972a636f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5-a.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=3cb7c3cedf300e35cb2a6ae222a62b88e7606647
192.0.78.33200 OK 0 B URL HTTP/2 jetpack.wordpress.com/jetpack-comment/?blogid=126022543&postid=4047&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=wp_user_avatar&greeting=Leave+a+Reply&jetpack_comments_nonce=b6972a636f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5-a.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=3cb7c3cedf300e35cb2a6ae222a62b88e7606647
IP 192.0.78.33:0
GET /jetpack-comment/?blogid=126022543&postid=4047&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=wp_user_avatar&greeting=Leave+a+Reply&jetpack_comments_nonce=b6972a636f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5-a.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=3cb7c3cedf300e35cb2a6ae222a62b88e7606647 HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 4.arn _dca BYPASS
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1-alpha-53567
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1-alpha-53567
IP 192.0.77.32:0
GET /wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.1-alpha-53567 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"627a5af9-48b9"
content-encoding: br
expires: Sat, 07 Oct 2023 11:46:38 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sun, 08 Oct 2023 20:08:10 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
oh42fifty.org/wp-content/plugins/advanced-post-slider/js/advps.frnt.script.js?ver=6.0.2
192.0.78.239200 OK 0 B URL HTTP/2 oh42fifty.org/wp-content/plugins/advanced-post-slider/js/advps.frnt.script.js?ver=6.0.2
IP 192.0.78.239:0
GET /wp-content/plugins/advanced-post-slider/js/advps.frnt.script.js?ver=6.0.2 HTTP/1.1
Host: oh42fifty.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oh42fifty.org/2019/01/17/nfl-conference-championship-weekend-predictions/
Cookie: ppwp_wp_session=b4e71c48e10f4f03af6240e8f1a9d070%7C%7C1665261488%7C%7C1665261128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:10 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sat, 23 Jul 2022 03:23:13 GMT
vary: Accept-Encoding
etag: W/"62db69a1-398"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/services.min.css?ver=202240z
192.0.73.2200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/services.min.css?ver=202240z
IP 192.0.73.2:0
GET /dist/css/services.min.css?ver=202240z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:08:11 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Sat, 15 Oct 2022 20:08:11 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2