r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6450
Expires: Sat, 07 Jan 2023 23:24:16 GMT
Date: Sat, 07 Jan 2023 21:36:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19955
Expires: Sun, 08 Jan 2023 03:09:21 GMT
Date: Sat, 07 Jan 2023 21:36:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 20:48:10 GMT
content-type: application/json
age: 2916
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6078
Expires: Sat, 07 Jan 2023 23:18:04 GMT
Date: Sat, 07 Jan 2023 21:36:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: x0oe1xurHNzKLdng8ox1jfwbgt2Rs0tq+9W6fQXuOBnOHBZCOcTI85lvIg6MD4s7/xtX8DQgTBo=
x-amz-request-id: 0W1VVKTECHEXFE80
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 21:15:28 GMT
age: 1278
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
blueriversys.com/
302 Found 216 B IP
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 23d74e91d1b32dcc1680bcd59eb3b692
4aa99a1eafcf5272207f5c3498177bb1cb63a86a
717c9e6200b2f2e9e93d98fd48cd2dd3690a4fce6cf991eeeeec5c10f76ee3ba
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 07 Jan 2023 21:36:46 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7g.th-OQB4OAzN88bjO0dGM4g1jHcY; Expires=Sat, 07 Jan 2023 23:36:46 GMT; HttpOnly; Path=/
Upgrade: h2,h2c
Location: http://blueriversys.com/home
Content-Length: 216
Status: 302 Found
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 21:36:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
blueriversys.com/home
200 OK 3.1 kB IP
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f58511efd341cfba1ba9e1054ce73903
7d6446c67208211559f47e5c76209a1851a5e9f4
40aa7ee24c96506d4b796fc73bd114900fe0e6bab57929b3ff201eeba60042ca
Analyzer Verdict Alert fortinet Phishing
GET /home HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7g.th-OQB4OAzN88bjO0dGM4g1jHcY
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Status: 200 OK
Content-Encoding: gzip
Content-Length: 3054
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blueriversys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 21:36:47 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 90227
expires: Thu, 28 Dec 2023 21:36:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRssTQd7aELrk15weg5HtcUyg4dGPGlNCmrE3%2FTkm7CWRtf1eIIyS4B%2BOG%2BR1g6fw3z4DDSrr0uvFjzwwm%2BixeWirtSABvq0st9MF5e7AdZd3YBJLlyGNmStjndCiWeB4Qam9j1T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 785fd4b74b970b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js
200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js
IP
File type ASCII text, with very long lines (20800)
Hash dfedfef5394dc12855a1ec785e3bd13b
1d8e5431e41ae6021ae6624ac3f298c3c37cf4cd
85c063db88d550571210304d57a5cd7b1e18e7b3d22e5069ac50c6e18030aecc
GET /ajax/libs/popper.js/1.14.6/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://blueriversys.com
Connection: keep-alive
Referer: http://blueriversys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 21:36:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 6634
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-51ed"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 89494
expires: Thu, 28 Dec 2023 21:36:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycNx5PZFRPbsAVt3r5Na5tI4PAIkE0m4z51wX1EZFAhkPfpVSshJaQlV0ERPDOWYV1uaLkSz2zYP2TkLbQ5pYyoe2yAgz9tebBEc9x7XUOLCs%2F8sR0yhEaFErJBMU9CsL1ltaio4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 785fd4b76b9cb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 101eeea17ae08a712763d24816169527
a5165223bb742687de33a98f74789d5fa82365a9
e864bb9cf301287ba6bcbf7acc07c1911b26cca3983318bd6330916eadb635b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Last-Modified: Sat, 07 Jan 2023 19:51:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 101eeea17ae08a712763d24816169527
a5165223bb742687de33a98f74789d5fa82365a9
e864bb9cf301287ba6bcbf7acc07c1911b26cca3983318bd6330916eadb635b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Last-Modified: Sat, 07 Jan 2023 19:51:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
code.jquery.com/jquery-3.3.1.slim.min.js
200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://blueriversys.com
Connection: keep-alive
Referer: http://blueriversys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 21:36:47 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CP/n550GEoYBCiQ1N2M0Mzc1Ni0wM2RmLTQ5ZGMtOWViYy0xY2UxZDkyMzM4NzIQ+OiCoKvU+wIaBgjvy+edBiIMOTEuOTAuNDIuMTU0KMFTMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ0MjVmNjYxYi0yYmVlLTQyYTMtODJhMy04YWMyNDIxNGMyNGYY5rsBIhgIAhIUY2RzMjMwLnNrMS5od2Nkbi5uZXQ=.kDMZ3WKR21WLYVj/Pr/xXsEZeHh3nwDRt0OQaebztvg=
x-hw: 1673127407.dop023.sk1.t,1673127407.cds240.sk1.hn,1673127407.cds230.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 101eeea17ae08a712763d24816169527
a5165223bb742687de33a98f74789d5fa82365a9
e864bb9cf301287ba6bcbf7acc07c1911b26cca3983318bd6330916eadb635b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Last-Modified: Sat, 07 Jan 2023 19:51:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
blueriversys.com/css/additional.css
200 OK 4.2 kB URL HTTP/1.1 blueriversys.com/css/additional.css
IP
ASN #398101 GO-DADDY-COM-LLC
Hash 4bd884211168ed4e95ec878c29f64f09
89b18d8f5971231f15064fa3bb6465173ff571e2
e76b0694ae47b5c78a2552231d8c0ea8a1c3effb0893dd41adac52c17bcdec6a
GET /css/additional.css HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=additional.css
Cache-Control: no-cache
Vary: Cookie,Accept-Encoding
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Upgrade: h2,h2c
Last-Modified: Thu, 05 Jan 2023 11:20:13 GMT
Status: 200 OK
Content-Encoding: gzip
Content-Length: 4162
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
blueriversys.com/js/script.js
200 OK 2.5 kB URL HTTP/1.1 blueriversys.com/js/script.js
IP
ASN #398101 GO-DADDY-COM-LLC
Hash 8e0e3542bfc2883f9ab0c7c57a0973ec
426171b05d7f6986216a3e6c3daf9260c6ed8bc9
375268698156a0a141e44f12c6c7a72ceb252d410ff0e3e1d3c2258c6f278485
Analyzer Verdict Alert fortinet Phishing
GET /js/script.js HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=script.js
Cache-Control: no-cache
Vary: Cookie,Accept-Encoding
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:51 GMT
Status: 200 OK
Content-Encoding: gzip
Content-Length: 2497
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/javascript; charset=utf-8
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 21:33:40 GMT
age: 187
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
blueriversys.com/js/carousel.js
200 OK 868 B URL HTTP/1.1 blueriversys.com/js/carousel.js
IP
ASN #398101 GO-DADDY-COM-LLC
Hash 9768182444b0f0ed80f7d58fcc3cb4be
29d71add6f2c1c505a2fd68f79c99b92b7a97f2a
72fa57d6cd3cc07273e8245f31e9d9985c28ee4200bcd43f7bb13907515e798a
Analyzer Verdict Alert fortinet Phishing
GET /js/carousel.js HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=carousel.js
Cache-Control: no-cache
Vary: Cookie,Accept-Encoding
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:56 GMT
Status: 200 OK
Content-Encoding: gzip
Content-Length: 868
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/javascript; charset=utf-8
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://blueriversys.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 21:36:47 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 90835
expires: Thu, 28 Dec 2023 21:36:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VN3gctoq6rIkZIA1dm0qVZEFwgdAIVqY5XLvE5LvNdXMhcWn%2BiALuIRHz3GWHnq%2BsHr8yQQV%2BgmSReE5F5PByQSScNz%2Fs%2FIJjmGeAJ2BxyayZkWXHd%2BO3FRZJ%2BLciu0%2BKYsi20%2Fr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 785fd4b9ae1bb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blueriversys.com/img/logo.jpg
200 OK 6.5 kB URL HTTP/1.1 blueriversys.com/img/logo.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3\012- data
Hash 0977703014d84f99da8dd0bc28e1fbc1
ac7712f032987bd4988d29bbf4246b95adbb29b3
92fdfbd613f26868e72b5406cd12bc8d1c255a7c1f466d894f32a7d18913ffb3
GET /img/logo.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=logo.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:28 GMT
Content-Length: 6534
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
200 OK 471 B IP
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4906
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Last-Modified: Sat, 07 Jan 2023 20:15:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css
200 OK 51 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65324)
Hash 36faf10167ce987b75dd4c943ac65078
7c13fd6f3d8a98b2545fd2514bd8ddd9f028b630
3365cce0e1f0cba7d0ee8d01e4cf9cc544c35fba39103f7586cd366eddbe481f
GET /bootstrap/4.2.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://blueriversys.com
Connection: keep-alive
Referer: http://blueriversys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 21:36:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"f411c136e2bb302ada2120b3eb1d5bc3"
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
cdn-cachedat: 08/20/2022 02:32:12
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 28b7c02df4efeec3fce9b3f8d49c5b07
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785fd4b78c6e0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 21:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m5rAQcKhfWUQ4elDsQAUEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vfUyyceW9YjjynZCOBv0Wvp11j8=
blueriversys.com/pics/og_picture.jpg
200 OK 86 kB URL HTTP/1.1 blueriversys.com/pics/og_picture.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x317, components 3\012- data
Hash 3ac4728d84d49138ed390924f476131e
fc599f1e9dc6286ff6022619520650c338f3a07a
9bec099dc26eb96ff01035a66955264ee3b66352b235d3b278650cbd62f536d5
GET /pics/og_picture.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=og_picture.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Upgrade: h2,h2c
Last-Modified: Thu, 05 Jan 2023 11:20:23 GMT
Content-Length: 85727
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/ground_sign.jpg
200 OK 112 kB URL HTTP/1.1 blueriversys.com/pics/ground_sign.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x462, components 3\012- data
Size 112 kB (111937 bytes)
Hash caa9b0e4228b50af31ed5998e8560945
514d62929cb1c64caf006ec157b7c40dbf1aa7a7
215bac014518f5dc76e0b864371de5814adec79813df211f91ff31ebfafdb035
GET /pics/ground_sign.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=ground_sign.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Upgrade: h2,h2c
Last-Modified: Thu, 05 Jan 2023 11:20:22 GMT
Content-Length: 111937
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/stone_garden.jpg
200 OK 124 kB URL HTTP/1.1 blueriversys.com/pics/stone_garden.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 124 kB (123616 bytes)
Hash 9a29ebf446f508c8cf4ec95914f87af1
94e961c5a6450a7d6bb05eb9a22a3afd5068d73f
35a50723f1fa8af7c462c69543ead2675fa2a388efc84cbbd1dea19e44154e8f
GET /pics/stone_garden.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=stone_garden.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:24 GMT
Content-Length: 123616
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/building_d_east_lawn.jpg
200 OK 116 kB URL HTTP/1.1 blueriversys.com/pics/building_d_east_lawn.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 116 kB (115750 bytes)
Hash 935285a75528b5d81095cdaffd496626
721a4d1c9b0d8ad112ce81c5e2617f085222c391
d1b2cd9a009be9b904b4ec1b5d54f793b0dfc685df1eb4bb4d83ab626912fe23
GET /pics/building_d_east_lawn.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=building_d_east_lawn.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Upgrade: h2,h2c
Last-Modified: Thu, 05 Jan 2023 11:20:22 GMT
Content-Length: 115750
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/home.jpg
200 OK 92 kB URL HTTP/1.1 blueriversys.com/pics/home.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x640, components 3\012- data
Hash e4af84102ccb31e5fc18e75eebc5c710
9003e76f4130333c3be94435405ca649c0f21246
5fb41cea4309b8766a474b8355ab8b15cce4dad17d947a235486c61a08db733f
GET /pics/home.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=home.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:20 GMT
Content-Length: 91725
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/building_d_front_door.jpg
200 OK 114 kB URL HTTP/1.1 blueriversys.com/pics/building_d_front_door.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 114 kB (113661 bytes)
Hash cade402a4a41b44fc014c063cea93043
1e84f5292a2d506ab844ea21fcfffb8deadf34df
2789e5695874a75b99a5d1534e76316ba0e521a12dd293f7a1c6ec955780f453
GET /pics/building_d_front_door.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=building_d_front_door.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:25 GMT
Content-Length: 113661
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/building_d_west_garden.jpg
200 OK 104 kB URL HTTP/1.1 blueriversys.com/pics/building_d_west_garden.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 104 kB (104130 bytes)
Hash 3d51d282d16a49734a46541be3c47f0b
dd31ae82797e684a8aeeeac64ee291465bb77710
725f1b73b75e7ca83bf691e3f4e7ba93bf90d578a5c19debd1133d554c6c60eb
GET /pics/building_d_west_garden.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=building_d_west_garden.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:22 GMT
Content-Length: 104130
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/building_b_south.jpg
200 OK 93 kB URL HTTP/1.1 blueriversys.com/pics/building_b_south.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 63f3dc2cb3afaf30ebbbfc537226d569
efd99e58ccd7da1441c6f8321428759e095fa33e
5f9a0f9c2707393db26683b340631211fdf878acbc7d13a89d161ff518ceed59
GET /pics/building_b_south.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:47 GMT
Server: Apache
Content-Disposition: inline; filename=building_b_south.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM; Expires=Sat, 07 Jan 2023 23:36:47 GMT; HttpOnly; Path=/
Upgrade: h2,h2c
Last-Modified: Thu, 05 Jan 2023 11:20:25 GMT
Content-Length: 92780
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/og_picture1.jpg
200 OK 92 kB URL HTTP/1.1 blueriversys.com/pics/og_picture1.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x640, components 3\012- data
Hash e4af84102ccb31e5fc18e75eebc5c710
9003e76f4130333c3be94435405ca649c0f21246
5fb41cea4309b8766a474b8355ab8b15cce4dad17d947a235486c61a08db733f
GET /pics/og_picture1.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=og_picture1.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:21 GMT
Content-Length: 91725
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/swiming_pool_pic2.jpg
200 OK 115 kB URL HTTP/1.1 blueriversys.com/pics/swiming_pool_pic2.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 115 kB (114710 bytes)
Hash e9dfc502c8dc822b85c5cce57bdef4e8
3285332b0c78f8c7533c39e332d8f0857d94154a
cdf722008e21f6504652c1a531b5dd700680dc85ce196642e51b1ea24aeaef83
GET /pics/swiming_pool_pic2.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=swiming_pool_pic2.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:19 GMT
Content-Length: 114710
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/center_lawn_garden.jpg
200 OK 125 kB URL HTTP/1.1 blueriversys.com/pics/center_lawn_garden.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 125 kB (125117 bytes)
Hash a670ff766edc49c6d264c8f4eeca993a
c3b18c08259cc76ddc7400c8a26c16ffcb45f6c9
0f69b3b3103f7565b96784a8fe67d23aa58c4a9957683a1069f214403a231345
GET /pics/center_lawn_garden.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=center_lawn_garden.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:25 GMT
Content-Length: 125117
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/pics/blueriver-transparent4.gif
200 OK 5.2 kB URL HTTP/1.1 blueriversys.com/pics/blueriver-transparent4.gif
IP
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 300 x 57\012- data
Hash 3c92d4fc19842975ea0460799c5f92d1
c19b9f32571773817d11a329bb7361e283640e27
13bfb72f02a79124091c21cf6a0c167b71df4914838c4fd8d1dae8726b85b344
GET /pics/blueriver-transparent4.gif HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=blueriver-transparent4.gif
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:19 GMT
Content-Length: 5214
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
blueriversys.com/pics/swiming_pool_pic1.jpg
200 OK 115 kB URL HTTP/1.1 blueriversys.com/pics/swiming_pool_pic1.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Size 115 kB (114674 bytes)
Hash 02e1dbf74ca66d749e5725bfc8660f19
eac6bf846aa81179ff056eab4232f1ee34cd1742
60735c4af35b8e18b8f0a1ac5a9557390dffc6ea99f9e40d7db3e524185a49bd
GET /pics/swiming_pool_pic1.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=swiming_pool_pic1.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:20 GMT
Content-Length: 114674
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6734
Expires: Sat, 07 Jan 2023 23:29:03 GMT
Date: Sat, 07 Jan 2023 21:36:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6734
Expires: Sat, 07 Jan 2023 23:29:03 GMT
Date: Sat, 07 Jan 2023 21:36:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6734
Expires: Sat, 07 Jan 2023 23:29:03 GMT
Date: Sat, 07 Jan 2023 21:36:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 69f52653-2506-462d-9893-0f799b344286
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVkwUGirIAMFncw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8819b-0fa57a29615e8bb45dc4542a;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 20:16:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: wIRDocC9oXbYc6MO03kfkfBlZe44nlRSoJUaEkt23Hoxp_f51r6FAw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 04:22:22 GMT
age: 62067
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blueriversys.com/pics/building_b_east.jpg
200 OK 121 kB URL HTTP/1.1 blueriversys.com/pics/building_b_east.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size 121 kB (120621 bytes)
Hash 051c0d48ee56cbaed48f07f36ee1fc64
a769268447927558ba3b85bef6a9d673f618e3f8
0db1d9b57f2cf37bf6a50591f51c68dd980543057105217343f646c411c0b836
GET /pics/building_b_east.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:49 GMT
Server: Apache
Content-Disposition: inline; filename=building_b_east.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8Q.Nll_K9uUu_A3fbmnH8U6PFtUlGg; Expires=Sat, 07 Jan 2023 23:36:49 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:26 GMT
Content-Length: 120621
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ea2a04001ae6e92e56682f186ffbc2
dea01d8485f04aba4dcae63eb073a76d242a0095
c71e983f9d53f96de3553eb78da4f6da141d3dd381b1a1d55061f9141d3a54b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5657
x-amzn-requestid: 4bb9764d-0119-4201-b4e1-f3193d436022
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxL5G-VoAMFblQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8957f-65d303390f3426bc006f23f3;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: x2J2pA3SunX-oqNpW1qO9rRvN4oylDoaKvx1WaQx_-BgHEo2YvvkZg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:58:04 GMT
age: 85125
etag: "dea01d8485f04aba4dcae63eb073a76d242a0095"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0fd17757d97ed3b4570387623f465f
889b2e3d0db6f9bc03393ff59a5eb7bee816cac3
1035a9d3c973762adfc08529b59642c3839ef95a7e8cfcced63e61ec154ad092
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: ae69c1c3-22f6-49de-91ec-8e7a854e4b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWFo5IAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-75032a3e7ab3eb897382cad4;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 5ZQenYpYQdMO-K0uy0zgWwUVEGUHGy1M_jgQI6VoMt1LEtaQBWGiRg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 12:14:12 GMT
age: 33757
etag: "889b2e3d0db6f9bc03393ff59a5eb7bee816cac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 00:24:31 GMT
age: 76338
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d67a310-d244-479a-9ebb-bf5b5c75e519.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d67a310-d244-479a-9ebb-bf5b5c75e519.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 569ab3d1c95ef110fc80a984d71bffa6
15594d74ec26cc2407277f852a2b6722851967e0
b174c4e156716b22d36fe6205d5fa8d4fa56d8aa72fa0e18f1d939bfdc3bf6ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d67a310-d244-479a-9ebb-bf5b5c75e519.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10203
x-amzn-requestid: 7829bd25-6479-4294-9e72-b26e55ca30ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNLJNHr-IAMFVEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5256d-3741d67261b41cde2aa36efb;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:06:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eKE0LNhazQOCxUaAsJA_3VO20Veg-zv9Qk3lgD3KY_DwFQe4YS0Rjg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 05:05:18 GMT
age: 59491
etag: "15594d74ec26cc2407277f852a2b6722851967e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blueriversys.com/pics/blueriver_logo_big.jpg
200 OK 611 kB URL HTTP/1.1 blueriversys.com/pics/blueriver_logo_big.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, baseline, precision 8, 507x134, components 4\012- data
Size 611 kB (611306 bytes)
Hash 3456389efda84e838e29d1aed96a9db8
3e7e7b8120921b6ee6fcf651acb49244bbe8925b
1c0f62761c8e1a18d8fe8bb07a04b5070909e6966a39ccf5e537373a8a96dec1
GET /pics/blueriver_logo_big.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=blueriver_logo_big.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:24 GMT
Content-Length: 611306
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3356bee662c2ea20cbebff5293e73340
625cfd3806740998c859fef8c1153efea72f5342
cd973426a15b28fa2c141e927ebf4e12faa05665780a3cd5010f874769b336e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13620
x-amzn-requestid: 0858cbd0-5965-477b-9d5f-015243f86e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePk56F4JoAMF5Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b61b72-705a9ad403bb7795397926fd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 00:36:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _BEaXb201gimcwDsb3uSk_O3LEH22mmdfCfCEnUSdWSAwprC8q4z7A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 15:02:30 GMT
age: 23659
etag: "625cfd3806740998c859fef8c1153efea72f5342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blueriversys.com/pics/building_a_east_lawn.jpg
200 OK 110 kB URL HTTP/1.1 blueriversys.com/pics/building_a_east_lawn.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Size 110 kB (109917 bytes)
Hash 3c2218174cfce8aea44c45972e571794
5cb5901ceac52e2013bd5ebc62908b1204a7ce9a
e8c633c94d3e009a8996f0797919ff1728570e7427468262da19dabefc402648
GET /pics/building_a_east_lawn.jpg HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl7w.Rjf31uvx71Qw0z2DN0yMJowX1tM
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:48 GMT
Server: Apache
Content-Disposition: inline; filename=building_a_east_lawn.jpg
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8A.VgXtAvXOgiR3GSWq_SpFP-SHTfg; Expires=Sat, 07 Jan 2023 23:36:48 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:26 GMT
Content-Length: 109917
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
blueriversys.com/img/favicon.png
200 OK 2.7 kB URL HTTP/1.1 blueriversys.com/img/favicon.png
IP
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 1cff50a22a3ecd2f6518239df0e7e532
b442df9d6403f5ec805734e3707a4ebf88bd1085
f86cbc6e9a080881f10018d63f749cbad048b8212851d73767c7a835891e03bf
GET /img/favicon.png HTTP/1.1
Host: blueriversys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blueriversys.com/home
Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8Q.Nll_K9uUu_A3fbmnH8U6PFtUlGg
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 21:36:49 GMT
Server: Apache
Content-Disposition: inline; filename=favicon.png
Cache-Control: no-cache
Vary: Cookie
X-Powered-By: Phusion Passenger 6.0.7
Set-Cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlfQ.Y7nl8Q.Nll_K9uUu_A3fbmnH8U6PFtUlGg; Expires=Sat, 07 Jan 2023 23:36:49 GMT; HttpOnly; Path=/
Last-Modified: Thu, 05 Jan 2023 11:20:32 GMT
Content-Length: 2746
Status: 200 OK
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css2?family=Federo&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Federo&display=swap
IP
GET /css2?family=Federo&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blueriversys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jan 2023 21:36:47 GMT
date: Sat, 07 Jan 2023 21:36:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js
IP
GET /bootstrap/4.2.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://blueriversys.com
Connection: keep-alive
Referer: http://blueriversys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 21:36:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"6895e8cd60b62646ce12426015888f58"
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
cdn-cachedat: 11/18/2022 06:18:51
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6df71261ee78d7991428cff88e400793
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785fd4b79c8a0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Fondamento&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Fondamento&display=swap
IP
GET /css2?family=Fondamento&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blueriversys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jan 2023 21:36:47 GMT
date: Sat, 07 Jan 2023 21:36:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
208.109.42.241
104.17.25.14
93.184.220.29
23.36.77.32