| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash91dd975a7b17b2922dd23c0e49314e40 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 03:10:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fejhxEI1VNP-nkSzlSrpA0ubYtNKEjmBLVrQUoh45vGe6ngC_Kl5QQ==
Age: 528
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash96daaf84cd2c07756756caf7a2724a29 d24d47c68eec98d44bf341dab9d893df97103e1a fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19022
Expires: Fri, 16 Sep 2022 08:36:34 GMT
Date: Fri, 16 Sep 2022 03:19:32 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.49:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4C0jAeZ0_SLALEph53bTl5yVv-Bont7mDtfopPfjPwvVgmdKKgSrbQ==
age: 81857
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a | 51.222.144.54 | 301 Moved Permanently | 17 B |
URL HTTP/1.1westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a IP51.222.144.54:0
File typeASCII text, with no line terminators Hash58ace0ea86287f4a3c3258b0af3e6993 e04c5335922c5e457f0a7cd62c93c4a7f699f829 d18ed36671b8618520016c81125aa889a5b800872038c5e009ef49cd305088cd
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Date: Fri, 16 Sep 2022 03:19:32 GMT
Content-Length: 17
Content-Type: text/plain; charset=utf-8
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 03:19:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 03:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 03:08:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zV88dVqUsMH-JqZHL6iesQb9mofHtCJyqtu0MhMLX4JGpryg6k-F2g==
Age: 970
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash99198197555ee66c804bb80638907706 f975af4cadf3ff016465d02912121b78a20b213c 828795a262ff50ace055c841742227d3ceea149fb92dfb17e64f4c1fc2451e0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "828795A262FF50ACE055C841742227D3CEEA149FB92DFB17E64F4C1FC2451E0D"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Fri, 16 Sep 2022 09:19:01 GMT
Date: Fri, 16 Sep 2022 03:19:33 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd597af1ab2f21a983bf0f0d105b94209 9d5dd938777abde094c89066b539141a02106b88 a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4455
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:33 GMT
Last-Modified: Fri, 16 Sep 2022 02:05:18 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.149.28.179 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.149.28.179:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1TFiQVQm69MIZ8QNeYM2Rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wpy1I5/npQLzRqq977/I91vqCQQ=
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=9a3109e4 | 104.17.25.14 | 200 OK | 5.0 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=9a3109e4 IP104.17.25.14:0
File typeASCII text, with very long lines (27303) Hashfb68fcb5e0519fb76559c9ab267f8f3f b96c07f9ef44dbecb4ec4d1cb4a0b30a210f9825 8d0f29c4b3a8b511e6a46bc29ab3d96566fb244fdca5003156c04ea6b65cdd71
GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=9a3109e4 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 03:19:33 GMT
content-type: text/css; charset=utf-8
content-length: 4972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-6b4a"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8583968
expires: Wed, 06 Sep 2023 03:19:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lH2LOl216GsM8wAhGmoYd0UGkylpBDL1aNcV9vuDY94J7LbnFIkk8TFtmpidF%2BLKIOyIrF4LyflsyheeePVnfurrajjtPoUuNBdNBwR9jClGNDkK3CnlS4lSLYADIbc6ECI9R%2B5C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b676139defb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=9a3109e4 | 104.17.25.14 | 200 OK | 6.6 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=9a3109e4 IP104.17.25.14:0
File typeUnicode text, UTF-8 text, with very long lines (50806) Hash0db2e85f504f65d4eba65a3a3176b99e 49445ca83b52538d5fb8f4ef3c5ed0bee904dc81 0153ed381a818cbc0ddab7d832c84bc3aae2aed1ccbe9821d625d6637046c953
GET /ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=9a3109e4 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 03:19:33 GMT
content-type: text/css; charset=utf-8
content-length: 6642
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea8-c854"
last-modified: Mon, 04 May 2020 16:11:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3150787
expires: Wed, 06 Sep 2023 03:19:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tWIIAy3v%2FJmjygvZVYbCSVhBKzUCeYtspW%2BOrjjPvnNqMvJRx9vVWit%2FN%2B1nOdz%2FqebeLs1mvokoxecTCvKUewlkWJhqz3pDMOotixBYIXXnW20iYmH4alQxNA8D2CsQuAdMr1r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b676139df0b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7975b33417f675d21a178b997288d616 1d2e957c46d45d6cb2f44389f3dcc66c880b6065 daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7975b33417f675d21a178b997288d616 1d2e957c46d45d6cb2f44389f3dcc66c880b6065 daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7975b33417f675d21a178b997288d616 1d2e957c46d45d6cb2f44389f3dcc66c880b6065 daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7975b33417f675d21a178b997288d616 1d2e957c46d45d6cb2f44389f3dcc66c880b6065 daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| westvalleypublisher.com/assets/css/bootstrap.min.css?av=9a3109e4 | 51.222.144.54 | 200 OK | 100 kB |
URL HTTP/2westvalleypublisher.com/assets/css/bootstrap.min.css?av=9a3109e4 IP51.222.144.54:0
File typeASCII text, with very long lines (65366) Hash8a7442ca6bedd62cec4881040b9a9e83 e2d2b846e9ea72a1985458a3748aab4e01a8fb3a e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /assets/css/bootstrap.min.css?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-18679"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 99961
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/frontend/assets/css/style.css?av=9a3109e4 | 51.222.144.54 | 200 OK | 16 kB |
URL HTTP/2westvalleypublisher.com/frontend/assets/css/style.css?av=9a3109e4 IP51.222.144.54:0
Hash0704fe77a703921a5520c4ef079b3ac4 c8d27d838b3e0f80232e76ffc0ec2c8af08727ce 6a6249eb2886276d28435052d388fe35557ea936825d1e06629849ec700bfd95
GET /frontend/assets/css/style.css?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-3fc6"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 16326
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/css/skin-blue.css?av=9a3109e4 | 51.222.144.54 | 200 OK | 3.6 kB |
URL HTTP/2westvalleypublisher.com/assets/css/skin-blue.css?av=9a3109e4 IP51.222.144.54:0
Hash736dc5a80d350f34661eeb11ec02c7ee ad568e0fef2c72bdf111e8e1f55e9245fd45ad30 d028883419fbc261a8588de03fcba282debb5e92853974d69bca9f5df9f4904d
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /assets/css/skin-blue.css?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-e04"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 3588
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/js/bootstrap.min.js?av=9a3109e4 | 51.222.144.54 | 200 OK | 29 kB |
URL HTTP/2westvalleypublisher.com/assets/js/bootstrap.min.js?av=9a3109e4 IP51.222.144.54:0
File typeASCII text, with very long lines (28941) Hashba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
GET /assets/js/bootstrap.min.js?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-71b6"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 29110
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/css/adminlte.css?av=9a3109e4 | 51.222.144.54 | 200 OK | 214 kB |
URL HTTP/2westvalleypublisher.com/assets/css/adminlte.css?av=9a3109e4 IP51.222.144.54:0
Size214 kB (214102 bytes) Hash8221363789359c60aa1d9aaab428b6d3 6fccb9fd50b24bf591d557c85087b20b4139fdfe 5d2f5cc8ef872b64723d2a4a32b77f957d87392dbfdd618d5d3c4d363602e3a1
GET /assets/css/adminlte.css?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-34456"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 214102
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/js/notify.js?av=9a3109e4 | 51.222.144.54 | 200 OK | 5.6 kB |
URL HTTP/2westvalleypublisher.com/assets/js/notify.js?av=9a3109e4 IP51.222.144.54:0
Hash7ea0d3c764c478bbc3c9ae6d0b001cad 19ba17b7fd02563b89f03ff6f1d8576539ff1392 eb611854a404011a74a21d0d982954c5a220c582b894b25c3c04b9474ba24de4
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /assets/js/notify.js?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-15de"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 5598
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/frontend/assets/cache/7414c38f/jquery.min.js | 51.222.144.54 | 200 OK | 96 kB |
URL HTTP/2westvalleypublisher.com/frontend/assets/cache/7414c38f/jquery.min.js IP51.222.144.54:0
File typeASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /frontend/assets/cache/7414c38f/jquery.min.js HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62e19358-1762a"
last-modified: Wed, 27 Jul 2022 19:34:48 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 95786
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/js/knockout.min.js?av=9a3109e4 | 51.222.144.54 | 200 OK | 60 kB |
URL HTTP/2westvalleypublisher.com/assets/js/knockout.min.js?av=9a3109e4 IP51.222.144.54:0
File typeASCII text, with very long lines (564) Hashfa8662c7a8415d0355f444eaff534845 b60c2c301c280378b4d51769cb20a46e65989c73 972f13893b7056c0567637a44ea4c994b1b3dd1b20e185ebf3478ae9086d74cb
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /assets/js/knockout.min.js?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-e9ae"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 59822
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/js/adminlte.js?av=9a3109e4 | 51.222.144.54 | 200 OK | 9.8 kB |
URL HTTP/2westvalleypublisher.com/assets/js/adminlte.js?av=9a3109e4 IP51.222.144.54:0
File typeASCII text, with very long lines (9373) Hashadd5b3f0900365f3b4240664da17760e 7cbd53bfcf830e7c150d6bb55efcc2832e7543e7 42338bc162a705b04953fc72340216dbefb55cf12ec1a6e7cad04e5e680e26bc
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /assets/js/adminlte.js?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-262e"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 9774
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/js/cookie.js?av=9a3109e4 | 51.222.144.54 | 200 OK | 4.9 kB |
URL HTTP/2westvalleypublisher.com/assets/js/cookie.js?av=9a3109e4 IP51.222.144.54:0
Hash449dd3907404cead5d8ba6203b3550dc c9bb690411c3f46145f8ea137e6783929d8c27aa 3585a42757908ba2ace27f41b01256f6cf4ffb9679f7ac0ff8957817d5ccfde1
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /assets/js/cookie.js?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-134a"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 4938
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/assets/js/app.js?av=9a3109e4 | 51.222.144.54 | 200 OK | 2.3 kB |
URL HTTP/2westvalleypublisher.com/assets/js/app.js?av=9a3109e4 IP51.222.144.54:0
Hashfce662fe3dd4bd3be35b6c3abec80ff9 f76e098ad417541ef91067c3de79a52a9b19f9c3 81b55a53574a03bf7aa7847d9c12da1a44f2ef01f6ecef5bf5f818426150cd78
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /assets/js/app.js?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d84-8f6"
last-modified: Fri, 22 Jul 2022 02:37:56 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 2294
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/frontend/assets/js/app.js?av=9a3109e4 | 51.222.144.54 | 200 OK | 469 B |
URL HTTP/2westvalleypublisher.com/frontend/assets/js/app.js?av=9a3109e4 IP51.222.144.54:0
Hash5154609f598be8d873ff615d521b6d60 55165af84a2129e8432f1e96326ee686a07392bd 0ad96c8bca01a84d8b932da6e7cb095707bce86f4844acd88925b295a7422f2f
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /frontend/assets/js/app.js?av=9a3109e4 HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Fri, 16 Sep 2022 03:19:33 GMT
etag: "62da0d85-1d5"
last-modified: Fri, 22 Jul 2022 02:37:57 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 469
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7df27d4646e6e1cd358f0997ad604ea9 bf0c3feb55312e00ed8aa718458cc1e932903ac2 ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7df27d4646e6e1cd358f0997ad604ea9 bf0c3feb55312e00ed8aa718458cc1e932903ac2 ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7df27d4646e6e1cd358f0997ad604ea9 bf0c3feb55312e00ed8aa718458cc1e932903ac2 ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:0
File typegzip compressed data, max compression\012- data Hashedddc2edbec2722f991a9890d8ed0448 8dacc618405ada84ea8406ef3f5cba9f0f02387e 34336559832d0097d486bf76caf1ccd432552ab90262a36e8a39e79b2159226b
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://westvalleypublisher.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 240513
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 142.250.74.163 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Hashac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://westvalleypublisher.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 38356
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7df27d4646e6e1cd358f0997ad604ea9 bf0c3feb55312e00ed8aa718458cc1e932903ac2 ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 03:19:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| westvalleypublisher.com/favicon.ico | 51.222.144.54 | 200 OK | 15 kB |
URL HTTP/2westvalleypublisher.com/favicon.ico IP51.222.144.54:0
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Hash2bb86c9a26f373d005ab4add4f7142a9 3cdc8a20b957071918864a0385faebeaa15f53f2 e7595933efe17cbb339cc124de6fcf5ce1b6c16e7077e45c498b77561d25ded3
GET /favicon.ico HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a
Cookie: mwsid=l4affdqs42pchdvslgts85rqhn; csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/x-icon
date: Fri, 16 Sep 2022 03:19:34 GMT
etag: "62da0d8b-3aee"
last-modified: Fri, 22 Jul 2022 02:38:03 GMT
server: nginx/1.23.1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 15086
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:19:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:19:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:19:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:19:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abe181b1d086cd7e122d7de32f63fb6 e3482d4df0d59c247109ff7fb97f20ec6f142c4d 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:19:34 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png | 34.120.237.76 | 200 OK | 14 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash512280055633fcce9abc7d11a9816a24 de5c3e010fca76659455a144875a52c25fa72bdd 435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aCCBUNe1NErAN4RiVGCdh-sBxSnMm-XfcFzE-h8IcCq6W1Om-UX45g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:46 GMT
age: 20028
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28c7624e-e145-4bec-804e-f614677317dc.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28c7624e-e145-4bec-804e-f614677317dc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc9fef3c1097b92969fcc294811a33f46 c16977ad5fb61e8c52aa37d533838c94ce596981 58396de6acba67a8fabb6daa1d7b7d4805533bead82817a7e508e5aed6ad8c0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28c7624e-e145-4bec-804e-f614677317dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11592
x-amzn-requestid: 1cf5f5b3-66f5-41eb-8102-b72d493a4ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU_-GX5IAMFa3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b99-65f2aeda73539e0d624528a1;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7Jt66U9yEt3ZDrVqJqsA6Id3-1VddMhcu-c3tf9koo7q8FHH-_AtQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:49:19 GMT
age: 19815
etag: "c16977ad5fb61e8c52aa37d533838c94ce596981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc6df210d4ad73c1cb4bf14a8b68aaaf6 50cb093cd31e53a67e0a27d9ce9439fbb8a03df8 832d746a04665e8fd808e02a3d4c4d2525fb55e8685f2c654836ebea37c4ca92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8551
x-amzn-requestid: fcb8406f-a0a4-463a-8d6c-86a465867db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUkiG2FIAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae9-4e2927b52b5ac3f907f52027;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f7ER8lbphHucpnBSlWF1oGktAVq-lmLrZQUtLCSXrkEYdhYYaX6W3g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:19 GMT
age: 20115
etag: "50cb093cd31e53a67e0a27d9ce9439fbb8a03df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf876cdc19dca10c62d83d19303512c7f 9f812c7bc1b42b0cea3e42694e7d1f6738789770 c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: b04ac3c4-b4d8-4094-8b7d-bd229bb7d577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb2GvFnEoAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63216a2a-4e5927ac3f1d0b215ce5a8dc;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 05:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1W0Ito5yNmHNxtYBj5jOJQ3Z2OP_Shvhpj94YUDwLHQKzt-zgqjI8A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 03:12:38 GMT
age: 416
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9f324c1-b260-459e-99b9-15f07eb8a371.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9f324c1-b260-459e-99b9-15f07eb8a371.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6df61daeab506e87fcf2705cd27551c1 e7a56868fe8a8d8bf2dc370c25da434a94d5382e 747c2d9c7e12ffd3e47e32860614cb678d1595971caca1caecb8b17b7156d545
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9f324c1-b260-459e-99b9-15f07eb8a371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9101
x-amzn-requestid: d4785813-3308-423a-bfab-26f810acc8ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0qE_yIAMFhGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b50-1fb25e9171579b5e070d1009;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9tC4aCtT7zf7m43vuri_sYlilA1jVuzG9WPE1t0grOeiwFMAnkg7IQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:18:38 GMT
etag: "e7a56868fe8a8d8bf2dc370c25da434a94d5382e"
content-type: image/jpeg
age: 18056
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash252e27665094eccd2f18dfed46d4e871 2656d1e3e105c1929b18ebf9b00bd603f2f410a6 ccd05f3e869946687ec611ee0d6c5a118a99f73abb1957c556e346ed522d3088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10296
x-amzn-requestid: f3bb82cc-9d5d-4dea-8a22-26b35fe603e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbIRLHBUIAMF7hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632120d4-64832ad820f6aeaf7868495d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 00:31:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nZIGf23GLhOvGdsNG2xCOca_Eo8QPU3D1EtJlGiRg3iaxCFlQMG1Qw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 03:08:13 GMT
age: 681
etag: "2656d1e3e105c1929b18ebf9b00bd603f2f410a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a | 51.222.144.54 | 200 OK | 0 B |
URL HTTP/2westvalleypublisher.com/index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a IP51.222.144.54:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /index.php/lists/ol957optsq744/confirm-unsubscribe/mq386yba9y84d/cs958nk4ele3a HTTP/1.1
Host: westvalleypublisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 16 Sep 2022 03:19:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.23.1
set-cookie: mwsid=l4affdqs42pchdvslgts85rqhn; path=/; HttpOnly
csrf_token=dc554736b154d7bec5b920415673996fb22c7adbs%3A88%3A%22dUZEcmF5d2M4OGUyVzV1UVhxQlRxcnJmSFdFQW1pbE7Qj1RrvRz_X2fM2TkYXiSmgAABoeE4i10hyFE5ZHADvw%3D%3D%22%3B; path=/; HttpOnly
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34
x-xss-protection: 1; mode=block, 1; mode=block
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=9a3109e4 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=9a3109e4 IP142.250.74.10:0
GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=9a3109e4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 03:19:33 GMT
date: Fri, 16 Sep 2022 03:19:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=9a3109e4 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=9a3109e4 IP142.250.74.10:0
GET /css?family=Open+Sans:300,400,700&av=9a3109e4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 03:19:33 GMT
date: Fri, 16 Sep 2022 03:19:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=9a3109e4 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=9a3109e4 IP142.250.74.10:0
GET /css?family=Roboto:300,400,700,900&av=9a3109e4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westvalleypublisher.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 03:19:33 GMT
date: Fri, 16 Sep 2022 03:19:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|