Overview

URLlegalightbulbs.com.au/
IP 43.250.142.34 (Australia)
ASN#45638 SYNERGY WHOLESALE PTY LTD
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-24 23:00:27 UTC
StatusLoading report..
IDS alerts0
Blocklist alert31
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
legalightbulbs.com.au (63) 0 2019-03-19 01:00:22 UTC 2022-11-23 15:05:17 UTC 43.250.142.34 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.36.24.174
ocsp.pki.goog (6) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-24 08:13:00 UTC 142.250.74.164
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-24 11:11:51 UTC 142.250.74.10
fonts.gstatic.com (6) 0 2014-09-09 00:40:21 UTC 2022-11-24 11:09:52 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-24 11:10:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-24 2 legalightbulbs.com.au/ Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/css/classic-themes.min.css?ver=1 Phishing
2022-11-24 2 legalightbulbs.com.au/ Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/essential-grid/public/assets/font/ (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/revslider/public/assets/css/rs6.cs (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/wp-post-modal/public/css/wp-post-m (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/css/be.css?ver=24.0.2 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/assets/animations/animation (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/fonts/fontawesome/fontaweso (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/css/responsive.css?ver=24.0.2 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/cleantalk-spam-protect/js/apbct-pu (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/wp-post-modal/public/js/wp-post-mo (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/js_composer/assets/lib/bower/font- (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/js_composer/assets/lib/vc_carousel (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/contact-form-7/includes/js/index.j (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/js/menu.js?ver=24.0.2 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/js/scripts.js?ver=24.0.2 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/js/dist/vendor/regenerator-runtime.min.js (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/contact-form-7/modules/recaptcha/i (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/js_composer/assets/lib/vc_carousel (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/js_composer/assets/lib/vc_carousel (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/assets/jplayer/css/jplayer. (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/revslider/public/assets/js/rbtools (...) Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/themes/betheme/js/plugins.js?ver=24.0.2 Phishing
2022-11-24 2 legalightbulbs.com.au/wp-content/plugins/revslider/public/assets/js/rs6.min (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 43.250.142.34
Date UQ / IDS / BL URL IP
2022-11-24 23:00:27 +0000 0 - 0 - 31 legalightbulbs.com.au/ 43.250.142.34
2022-11-07 18:41:03 +0000 0 - 0 - 1 lukehadaj.com.au/20200109_lukehadajgraphicweb (...) 43.250.142.34


Last 5 reports on ASN: SYNERGY WHOLESALE PTY LTD
Date UQ / IDS / BL URL IP
2023-02-05 04:25:14 +0000 0 - 3 - 1 vaughancivil.com.au/wp-content/uploads/syn06c (...) 43.250.142.50
2023-02-05 02:56:54 +0000 0 - 3 - 1 evolveretail.com.au/wp-content/uploads/typehu (...) 103.42.110.3
2023-02-05 00:38:06 +0000 0 - 2 - 1 evolveretail.com.au/wp-content/uploads/typehu (...) 103.42.110.3
2023-02-04 15:03:11 +0000 0 - 0 - 52 sportsstart.com.au/ 43.250.142.138
2023-02-04 12:51:32 +0000 0 - 2 - 1 evolveretail.com.au/wp-content/uploads/typehu (...) 103.42.110.3


Last 1 reports on domain: legalightbulbs.com.au
Date UQ / IDS / BL URL IP
2022-11-24 23:00:27 +0000 0 - 0 - 31 legalightbulbs.com.au/ 43.250.142.34


No other reports with similar screenshot

JavaScript

Executed Scripts (36)

Executed Evals (5)
#1 JavaScript::Eval (size: 22) - SHA256: c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93
0,
function(R) {
    HW(R, 1)
}
#2 JavaScript::Eval (size: 64) - SHA256: 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e
0,
function(R, w, q) {
    k((q = (w = (q = P(R), P(R)), R).K[q] && Z(q, R), w), R, q)
}
#3 JavaScript::Eval (size: 22) - SHA256: d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77
0,
function(R) {
    HW(R, 2)
}
#4 JavaScript::Eval (size: 15568) - SHA256: ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var q = function(b, R) {
            if ((R = (b = K.trustedTypes, null), !b) || !b.createPolicy) return R;
            try {
                R = b.createPolicy("bg", {
                    createHTML: O,
                    createScript: O,
                    createScriptURL: O
                })
            } catch (I) {
                K.console && K.console.error(I.message)
            }
            return R
        },
        K = this || self,
        O = function(b) {
            return b
        };
    (0, eval)(function(b, R) {
        return (R = q()) && 1 === b.eval(R.createScript("1")) ? function(I) {
            return R.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(K)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var z=this||self,bo=function(b,I,K,O){(K=P((O=P(b),b)),x)(K,b,v(I,Z(O,b)))},R8=function(b,I,K){if("object"==(I=typeof b,I))if(b){if(b instanceof Array)return"array";if(b instanceof Object)return I;if("[object Window]"==(K=Object.prototype.toString.call(b),K))return"object";if("[object Array]"==K||"number"==typeof b.length&&"undefined"!=typeof b.splice&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("splice"))return"array";if("[object Function]"==K||"undefined"!=typeof b.call&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==I&&"undefined"==typeof b.call)return"object";return I},Z=function(b,I){if(void 0===(I=I.K[b],I))throw[D,30,b];if(I.value)return I.create();return I.create(1*b*b+-48*b+-64),I.prototype},f=function(b,I){I.s=((I.s?I.s+"~":"E:")+b.message+":"+b.stack).slice(0,2048)},I8=function(b,I){(I.push(b[0]<<24|b[1]<<16|b[2]<<8|b[3]),I.push(b[4]<<24|b[5]<<16|b[6]<<8|b[7]),I).push(b[8]<<24|b[9]<<16|b[10]<<8|b[11])},O1=function(b,I,K,O){function y(){}return{invoke:(O=K2(b,(K=void 0,function(R){y&&(I&&J(I),K=R,y(),y=void 0)}),!!I)[0],function(R,w,q,N){function u(){K(function(M){J(function(){R(M)})},q)}if(!w)return w=O(q),R&&R(w),w;K?u():(N=y,y=function(){(N(),J)(u)})})}},yj=function(b,I,K,O){return Z(356,(k(319,(wl(b,(O=Z(319,b),b.H&&O<b.j?(k(319,b,b.j),qO(b,K)):k(319,b,K),I)),b),O),b))},A=function(b,I,K,O,y,R,w,q,N){if(O.L+=((w=(y=(N=(R=(q=(K||O.i++,0<O.P&&O.I)&&O.KI&&1>=O.v&&!O.C&&!O.g&&(!K||1<O.Z-b)&&0==document.hidden,4==O.i))||q?O.D():O.F,N-O.F),y>>14),O.V)&&(O.V^=w*(y<<2)),O.A=w||O.A,w),R||q)O.F=N,O.i=0;if(!q||N-O.X<O.P-(I?255:K?5:2))return false;return(k((I=Z((O.Z=b,K?351:319),O),319),O,O.j),O.R).push([zJ,I,K?b+1:b]),O.g=J,true},io=function(b,I){return I[b]<<24|I[(b|0)+1]<<16|I[(b|0)+2]<<8|I[(b|0)+3]},qO=function(b,I){k(319,((b.rt.push(b.K.slice()),b).K[319]=void 0,b),I)},V=function(b,I,K){I[k(K,b,I),uo]=2796},JW=function(b,I,K,O,y){for((b.pI=MO(b.h,((b.kG=(b.fI=b[E],o8),b).Q2=PW,{get:function(){return this.concat()}})),b).ju=p[b.h](b.pI,{value:{value:{}}}),y=[],O=0;128>O;O++)y[O]=String.fromCharCode(O);C(true,true,(l(((l([(V(b,(V(b,function(R,w){(w=Z(P(R),R),qO)(R.A,w)},(V(b,function(R,w,q,N){k((w=g((N=P(R),R)),q=P(R),q),R,Z(N,R)>>>w)},(k(97,(V((V(b,(k(230,b,(V(b,(b.uf=(k((k(162,b,(V(b,function(R,w,q,N){(N=Z((w=(q=(w=P(R),N=P(R),P(R)),Z)(w,R),N),R),k)(q,R,+(w==N))},(V(b,(V((V(b,(V(b,(V(b,(V(b,function(R){bo(R,1)},(k(17,((V(b,(b.HZ=(V(b,function(R,w){R=(w=P(R),Z(w,R.A)),R[0].removeEventListener(R[1],R[2],c)},(k(507,b,(V(b,function(R,w,q,N,u,M,H){for(u=(q=Z(92,(w=(H=mj((N=P(R),R)),""),R)),q.length),M=0;H--;)M=((M|0)+(mj(R)|0))%u,w+=y[q[M]];k(N,R,w)},((V(b,((V((k((k(366,(k(356,b,(V(b,(V(b,(V(b,(V((k(182,(k(305,(k((b.Su=(V(b,(V(b,function(R,w,q){A(w,false,true,R)||(w=P(R),q=P(R),k(q,R,function(N){return eval(N)}(xP(Z(w,R.A)))))},(V(b,function(R){HW(R,4)},(k((b.s=(b.DP=(b.L=1,b.G=void 0,b.rt=[],b.KI=false,(b.W=void 0,b.Y=0,b.X=(b.o=(b.A=b,[]),b.l=(b.v=0,O=(b.g=null,b.j=0,(b.S=(b.N=false,void 0),b.wt=0,window).performance)||{},(b.P=0,b).I=!(b.Z=8001,1),b.H=[],[]),(b.i=void 0,b.U=25,b.C=void 0,b.R=[],(b.V=void 0,b).RQ=function(R){this.A=R},b).K=[],0),(b.F=0,O).timeOrigin||(O.timing||{}).navigationStart)||0),void 0),319),b,0),k(351,b,0),475)),168)),function(R,w,q){0!=(q=Z((w=P(R),q=P(R),q),R),Z(w,R))&&k(319,R,q)}),342),0),253),b,[]),b),b),b),0),b),function(R){bo(R,4)},267),function(R,w,q,N,u){(q=(u=Z((w=Z((u=P((q=(N=(w=P(R),P)(R),P)(R),R)),w),R.A),u),R),N=Z(N,R),Z)(q,R),0)!==w&&(q=vW(1,R,u,q,w,N),w.addEventListener(N,q,c),k(182,R,[w,N,q]))}),261),function(R,w,q,N,u){(w=(q=P((N=(u=P(R),P)(R),R)),P(R)),q=Z(q,R),w=Z(w,R),N=Z(N,R),k)(u,R,vW(w,R,q,N))}),222),function(R,w,q,N){(w=P((N=(q=P(R),P)(R),R)),k)(w,R,Z(q,R)||Z(N,R))}),381),{})),b),0),270),b,z),b),function(R){Zb(R,3)},395),V)(b,function(R,w,q){k((q=Z((w=P((q=P(R),R)),q),R),q=R8(q),w),R,q)},405),function(R,w,q,N){!A(w,false,true,R)&&(w=rl(R),q=w.J,N=w.AN,R.A==R||q==R.RQ&&N==R)&&(k(w.aQ,R,q.apply(N,w.O)),R.F=R.D())}),234),V)(b,function(R){Zb(R,4)},203),335)),[160,0,0])),206)),0),function(){}),503),V)(b,function(R,w,q,N,u,M,H,r,m,L,X,G){function Q(n,h){for(;q<n;)G|=g(R)<<q,q+=8;return h=G&(1<<n)-1,q-=n,G>>=n,h}for(X=(L=(q=G=(M=P(R),0),(Q(3)|0)+1),u=Q(5),N=0),m=[];N<u;N++)H=Q(1),m.push(H),X+=H?0:1;for(X=(w=(N=((X|0)-1).toString(2).length,[]),0);X<u;X++)m[X]||(w[X]=Q(N));for(N=0;N<u;N++)m[N]&&(w[N]=P(R));for(r=[];L--;)r.push(Z(P(R),R));V(R,function(n,h,Y,NO,t){for(h=(NO=[],0),Y=[];h<u;h++){if(t=w[h],!m[h]){for(;t>=Y.length;)Y.push(P(n));t=Y[t]}NO.push(t)}n.S=Db(n,(n.C=Db(n,r.slice()),NO))},M)},94),b),[]),367)),function(R,w,q,N){(N=Z((q=Z((w=(q=P(R),P)(R),q),R),w),R),k)(w,R,N+q)}),58),function(R,w,q,N,u,M){if(!A(w,true,true,R)){if("object"==R8((R=Z((M=(w=(M=(q=(w=(N=P(R),P)(R),P(R)),P(R)),Z)(w,R),Z)(M,R),q=Z(q,R),N),R),R))){for(u in N=[],R)N.push(u);R=N}for(N=(u=(q=0<q?q:1,0),R).length;u<N;u+=q)w(R.slice(u,(u|0)+(q|0)),M)}}),341),function(R,w,q,N){if(w=R.rt.pop()){for(q=g(R);0<q;q--)N=P(R),w[N]=R.K[N];R.K=(w[253]=R.K[253],w[97]=R.K[97],w)}else k(319,R,R.j)}),327),b),function(R,w,q){w=P(R),q=P(R),k(q,R,""+Z(w,R))},455),function(R,w,q,N,u){for(q=(u=P(R),w=mj(R),N=[],0);q<w;q++)N.push(g(R));k(u,R,N)}),34),117)),T)(4)),205),b,524),0),function(R,w,q,N){N=(w=P((q=(N=P(R),P(R)),R)),Z(N,R)),q=Z(q,R),k(w,R,N in q|0)}),79),[0,0,0])),function(R,w,q,N,u){(q=(u=(N=P(R),P(R)),P)(R),R).A==R&&(q=Z(q,R),w=Z(N,R),u=Z(u,R),w[u]=q,377==N&&(R.G=void 0,2==u&&(R.V=B(32,R,false),R.G=void 0)))}),474),b),function(R,w,q,N,u,M){A(w,false,true,R)||(N=rl(R.A),w=N.AN,M=N.O,q=N.J,u=M.length,N=N.aQ,w=0==u?new w[q]:1==u?new w[q](M[0]):2==u?new w[q](M[0],M[1]):3==u?new w[q](M[0],M[1],M[2]):4==u?new w[q](M[0],M[1],M[2],M[3]):2(),k(N,R,w))},317),b),2048),89)),473)),function(R,w,q,N){k((N=(q=Z((w=P((N=(q=P(R),P(R)),R)),q),R),Z(N,R)),w),R,q[N])}),380),uo)],b),l)([S,I],b),[f2,K]),b),b))},l=function(b,I){I.R.splice(0,0,b)},XO=function(b,I,K,O){try{O=b[((I|0)+2)%3],b[I]=(b[I]|0)-(b[((I|0)+1)%3]|0)-(O|0)^(1==I?O<<K:O>>>K)}catch(y){throw y;}},n2=function(b,I,K){if(3==b.length){for(K=0;3>K;K++)I[K]+=b[K];for(b=[13,8,13,12,16,5,3,10,15],K=0;9>K;K++)I[3](I,K%3,b[K])}},GJ=function(b,I,K,O,y){for(y=(K=K[3]|(O=K[2]|0,0),0);14>y;y++)I=I>>>8|I<<24,I+=b|0,K=K>>>8|K<<24,b=b<<3|b>>>29,I^=O+2298,K+=O|0,K^=y+2298,b^=I,O=O<<3|O>>>29,O^=K;return[b>>>24&255,b>>>16&255,b>>>8&255,b>>>0&255,I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255]},v=function(b,I,K,O){for(K=(b|0)-1,O=[];0<=K;K--)O[(b|0)-1-(K|0)]=I>>8*K&255;return O},wl=function(b,I,K,O,y,R){if(!b.s){b.v++;try{for(R=(y=(K=b.j,void 0),0);--I;)try{if((O=void 0,b).C)y=hW(b,b.C);else{if(R=Z(319,b),R>=K)break;O=P((k(351,b,R),b)),y=Z(O,b)}A((y&&y[$P]&2048?y(b,I):e([D,21,O],b,0),I),false,false,b)}catch(w){Z(205,b)?e(w,b,22):k(205,b,w)}if(!I){if(b.CI){b.v--,wl(b,216630971487);return}e([D,33],b,0)}}catch(w){try{e(w,b,22)}catch(q){f(q,b)}}b.v--}},rl=function(b,I,K,O,y,R){for(R=(K=((O=(I=b[kP]||{},P(b)),I.aQ=P(b),I).O=[],b.A==b?(g(b)|0)-1:1),P(b)),y=0;y<K;y++)I.O.push(P(b));for(;K--;)I.O[K]=Z(I.O[K],b);return(I.J=Z(O,b),I).AN=Z(R,b),I},vW=function(b,I,K,O,y,R){function w(){if(I.A==I){if(I.K){var q=[F,O,K,void 0,y,R,arguments];if(2==b)var N=C(false,false,(l(q,I),I));else if(1==b){var u=!I.R.length;(l(q,I),u)&&C(false,false,I)}else N=AW(I,q);return N}y&&R&&y.removeEventListener(R,w,c)}}return w},E1=function(b,I,K,O,y,R,w,q){return O=[-9,-48,48,29,-71,-79,O,-95,27,81],R=Vj,q=b&7,y=p[K.h](K.pI),y[K.h]=function(N){q+=(w=N,6+7*b),q&=7},y.concat=function(N){return(w=(N=(N=-46*I*I*w- -2208*I*w+(N=I%16+1,1*I*I*N)+q+46*w*w+O[q+27&7]*I*N- -2944*w+(R()|0)*N-N*w,O)[N],void 0),O[(q+21&7)+(b&2)]=N,O)[q+(b&2)]=-48,N},y},C=function(b,I,K,O,y,R){if(K.R.length){K.I=(K.KI=(K.I&&0(),b),true);try{y=K.D(),K.F=y,K.X=y,K.i=0,O=p2(b,K),R=K.D()-K.X,K.Y+=R,R<(I?0:10)||0>=K.U--||(R=Math.floor(R),K.o.push(254>=R?R:254))}finally{K.I=false}return O}},J=z.requestIdleCallback?function(b){requestIdleCallback(function(){b()},{timeout:4})}:z.setImmediate?function(b){setImmediate(b)}:function(b){setTimeout(b,0)},e=function(b,I,K,O,y,R){if(!I.N){if((b=(K=(0==(R=Z(253,((O=void 0,b)&&b[0]===D&&(O=b[2],K=b[1],b=void 0),I)),R).length&&(y=Z(351,I)>>3,R.push(K,y>>8&255,y&255),void 0!=O&&R.push(O&255)),""),b&&(b.message&&(K+=b.message),b.stack&&(K+=":"+b.stack)),Z)(97,I),3)<b){I.A=(K=(b-=(K=K.slice(0,(b|0)-3),(K.length|0)+3),Qj)(K),O=I.A,I);try{x(162,I,v(2,K.length).concat(K),9)}finally{I.A=O}}k(97,I,b)}},HW=function(b,I,K,O){for(K=(O=P(b),0);0<I;I--)K=K<<8|g(b);k(O,b,K)},FO=function(b,I){return I(function(K){K(b)}),[function(){return b}]},cW=function(b,I,K){return I.B(function(O){K=O},false,b),K},x=function(b,I,K,O,y,R){if(I.A==I)for(R=Z(b,I),162==b?(b=function(w,q,N,u){if((u=(q=R.length,(q|0)-4>>3),R.hN)!=u){u=(u<<(N=[0,0,y[R.hN=u,1],y[2]],3))-4;try{R.bf=GJ(io(u,R),io((u|0)+4,R),N)}catch(M){throw M;}}R.push(R.bf[q&7]^w)},y=Z(230,I)):b=function(w){R.push(w)},O&&b(O&255),I=K.length,O=0;O<I;O++)b(K[O])},TJ=function(b,I){if((I=(b=null,z).trustedTypes,!I)||!I.createPolicy)return b;try{b=I.createPolicy("bg",{createHTML:gl,createScript:gl,createScriptURL:gl})}catch(K){z.console&&z.console.error(K.message)}return b},p2=function(b,I,K,O){for(;I.R.length;){K=(I.g=null,I).R.pop();try{O=AW(I,K)}catch(y){f(y,I)}if(b&&I.g){b=I.g,b(function(){C(true,true,I)});break}}return O},AW=function(b,I,K,O,y){if(O=I[0],O==W)b.U=25,b.u(I);else if(O==E){K=I[1];try{y=b.s||b.u(I)}catch(R){f(R,b),y=b.s}K(y)}else if(O==zJ)b.u(I);else if(O==S)b.u(I);else if(O==f2){try{for(y=0;y<b.l.length;y++)try{K=b.l[y],K[0][K[1]](K[2])}catch(R){}}catch(R){}(0,I[b.l=[],1])(function(R,w){b.B(R,true,w)},function(R){l([$P],(R=!b.R.length,b)),R&&C(true,false,b)})}else{if(O==F)return y=I[2],k(332,b,I[6]),k(356,b,y),b.u(I);O==$P?(b.H=[],b.K=null,b.o=[]):O==uo&&"loading"===z.document.readyState&&(b.g=function(R,w){function q(){w||(w=true,R())}z.document.addEventListener("DOMContentLoaded",q,(w=false,c)),z.addEventListener("load",q,c)})}},MO=function(b,I){return p[b](p.prototype,{pop:I,call:I,splice:I,document:I,replace:I,prototype:I,length:I,propertyIsEnumerable:I,floor:I,console:I,parent:I,stack:I})},Db=function(b,I,K){return K=p[b.h](b.ju),K[b.h]=function(){return I},K.concat=function(O){I=O},K},a,Zb=function(b,I,K,O,y){(((y=(K=P((I&=(O=I&3,4),y=P(b),b)),Z)(y,b),I)&&(y=Qj(""+y)),O)&&x(K,b,v(2,y.length)),x)(K,b,y)},B=function(b,I,K,O,y,R,w,q,N,u,M,H,r,m){if((r=Z(319,I),r)>=I.j)throw[D,31];for(w=r,u=(H=I.fI.length,b),q=0;0<u;)M=w%8,R=8-(M|0),N=w>>3,R=R<u?R:u,O=I.H[N],K&&(y=I,y.G!=w>>6&&(y.G=w>>6,m=Z(377,y),y.W=GJ(y.V,y.G,[0,0,m[1],m[2]])),O^=I.W[N&H]),q|=(O>>8-(M|0)-(R|0)&(1<<R)-1)<<(u|0)-(R|0),w+=R,u-=R;return k(319,I,(K=q,(r|0)+(b|0))),K},P=function(b,I){if(b.C)return hW(b,b.S);return(I=B(8,b,true),I)&128&&(I^=128,b=B(2,b,true),I=(I<<2)+(b|0)),I},d,k=function(b,I,K){if(319==b||351==b)I.K[b]?I.K[b].concat(K):I.K[b]=Db(I,K);else{if(I.N&&377!=b)return;507==b||162==b||17==b||253==b||230==b?I.K[b]||(I.K[b]=E1(54,b,I,K)):I.K[b]=E1(137,b,I,K)}377==b&&(I.V=B(32,I,false),I.G=void 0)},Qj=function(b,I,K,O,y){for(y=(I=K=(b=b.replace(/\\r\\n/g,"\\n"),0),[]);I<b.length;I++)O=b.charCodeAt(I),128>O?y[K++]=O:(2048>O?y[K++]=O>>6|192:(55296==(O&64512)&&I+1<b.length&&56320==(b.charCodeAt(I+1)&64512)?(O=65536+((O&1023)<<10)+(b.charCodeAt(++I)&1023),y[K++]=O>>18|240,y[K++]=O>>12&63|128):y[K++]=O>>12|224,y[K++]=O>>6&63|128),y[K++]=O&63|128);return y},g=function(b){return b.C?hW(b,b.S):B(8,b,true)},T=function(b,I){for(I=[];b--;)I.push(255*Math.random()|0);return I},mj=function(b,I){return(I=g(b),I)&128&&(I=I&127|g(b)<<7),I},K2=function(b,I,K,O){return(O=d[b.substring(0,3)+"_"])?O(b.substring(3),I,K):FO(b,I)},c={passive:true,capture:true},gl=function(b){return b},U=function(b,I,K){K=this;try{JW(this,b,I)}catch(O){f(O,this),I(function(y){y(K.s)})}},hW=function(b,I){return(I=I.create().shift(),b.C.create().length||b.S.create().length)||(b.C=void 0,b.S=void 0),I},kP=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),zJ=[],f2=[],$P=((U.prototype.FY=void 0,U).prototype.T="toString",U.prototype.CI=false,[]),W=(U.prototype.eu=void 0,[]),E=[],S=[],uo=[],D={},F=[],p=(((I8,T,XO,function(){})(n2),U.prototype).h="create",D.constructor),Vj=((a=U.prototype,a.nI=function(b,I,K,O,y,R){for(R=[],K=O=0;K<b.length;K++)for(O+=I,y=y<<I|b[K];7<O;)O-=8,R.push(y>>O&255);return R},a).GP=function(b,I,K){return b^((I=(I^=I<<13,I^=I>>17,(I^I<<5)&K))||(I=1),I)},void 0),PW=(((a.D=(a.B=(a.Mm=function(){return Math.floor(this.Y+(this.D()-this.X))},a.dt=function(){return Math.floor(this.D())},a.Oj=function(b,I,K,O,y){for(y=O=0;y<b.length;y++)O+=b.charCodeAt(y),O+=O<<10,O^=O>>6;return O=(b=(O+=O<<3,O^=O>>11,O)+(O<<15)>>>0,new Number(b&(1<<I)-1)),O[0]=(b>>>I)%K,O},function(b,I,K,O,y){if(K="array"===R8(K)?K:[K],this.s)b(this.s);else try{y=[],O=!this.R.length,l([W,y,K],this),l([E,b,y],this),I&&!O||C(I,true,this)}catch(R){f(R,this),b(this.s)}}),(window.performance||{}).now?function(){return this.DP+window.performance.now()}:function(){return+new Date}),U.prototype.u=function(b,I){return Vj=(I=(b={},{}),function(){return I==b?-64:-17}),function(K,O,y,R,w,q,N,u,M,H,r,m,L,X,G){I=(u=I,b);try{if(y=K[0],y==S){L=K[1];try{for(M=H=(R=(q=atob(L),[]),0);H<q.length;H++)O=q.charCodeAt(H),255<O&&(R[M++]=O&255,O>>=8),R[M++]=O;this.H=R,this.j=this.H.length<<3,k(377,this,[0,0,0])}catch(Q){e(Q,this,17);return}wl(this,8001)}else if(y==W)K[1].push(Z(97,this),Z(162,this).length,Z(17,this).length,Z(507,this).length),k(356,this,K[2]),this.K[376]&&yj(this,8001,Z(376,this));else{if(y==E){(X=(G=v(2,((H=K[2],Z(507,this)).length|0)+2),this).A,this).A=this;try{w=Z(253,this),0<w.length&&x(507,this,v(2,w.length).concat(w),10),x(507,this,v(1,this.L),109),x(507,this,v(1,this[E].length)),q=0,N=Z(162,this),q+=Z(366,this)&2047,q-=(Z(507,this).length|0)+5,4<N.length&&(q-=(N.length|0)+3),0<q&&x(507,this,v(2,q).concat(T(q)),15),4<N.length&&x(507,this,v(2,N.length).concat(N),156)}finally{this.A=X}if(r=((M=T(2).concat(Z(507,this)),M)[1]=M[0]^6,M[3]=M[1]^G[0],M[4]=M[1]^G[1],this).sj(M))r="!"+r;else for(q=0,r="";q<M.length;q++)m=M[q][this.T](16),1==m.length&&(m="0"+m),r+=m;return Z(507,(Z(((k(97,(R=r,this),H.shift()),Z)(162,this).length=H.shift(),17),this).length=H.shift(),this)).length=H.shift(),R}if(y==zJ)yj(this,K[2],K[1]);else if(y==F)return yj(this,8001,K[1])}}finally{I=u}}}(),U.prototype).V2=0,U.prototype).sj=function(b,I,K,O){if(I=window.btoa){for(O=(K=0,"");K<b.length;K+=8192)O+=String.fromCharCode.apply(null,b.slice(K,K+8192));b=I(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else b=void 0;return b},U.prototype.XY=0,/./),o8,BW=S.pop.bind((U.prototype[f2]=[0,0,1,1,0,1,1],U.prototype[W])),xP=(o8=MO(U.prototype.h,(PW[U.prototype.T]=BW,{get:BW})),U.prototype.gt=void 0,function(b,I){return(I=TJ())&&1===b.eval(I.createScript("1"))?function(K){return I.createScript(K)}:function(K){return""+K}}(z));(40<(d=z.botguard||(z.botguard={}),d.m)||(d.m=41,d.bg=O1,d.a=K2),d).LDL_=function(b,I,K){return[(K=new U(b,I),function(O){return cW(O,K)})]};}).call(this);'));
}).call(this);
#5 JavaScript::Eval (size: 21760) - SHA256: 5787bdd8f379d599fd951de9ad6dafc65c88e41b57abb76357afd404ceb4b329
(function() {
    var z = this || self,
        bo = function(b, I, K, O) {
            (K = P((O = P(b), b)), x)(K, b, v(I, Z(O, b)))
        },
        R8 = function(b, I, K) {
            if ("object" == (I = typeof b, I))
                if (b) {
                    if (b instanceof Array) return "array";
                    if (b instanceof Object) return I;
                    if ("[object Window]" == (K = Object.prototype.toString.call(b), K)) return "object";
                    if ("[object Array]" == K || "number" == typeof b.length && "undefined" != typeof b.splice && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == K || "undefined" != typeof b.call && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == I && "undefined" == typeof b.call) return "object";
            return I
        },
        Z = function(b, I) {
            if (void 0 === (I = I.K[b], I)) throw [D, 30, b];
            if (I.value) return I.create();
            return I.create(1 * b * b + -48 * b + -64), I.prototype
        },
        f = function(b, I) {
            I.s = ((I.s ? I.s + "~" : "E:") + b.message + ":" + b.stack).slice(0, 2048)
        },
        I8 = function(b, I) {
            (I.push(b[0] << 24 | b[1] << 16 | b[2] << 8 | b[3]), I.push(b[4] << 24 | b[5] << 16 | b[6] << 8 | b[7]), I).push(b[8] << 24 | b[9] << 16 | b[10] << 8 | b[11])
        },
        O1 = function(b, I, K, O) {
            function y() {}
            return {
                invoke: (O = K2(b, (K = void 0, function(R) {
                    y && (I && J(I), K = R, y(), y = void 0)
                }), !!I)[0], function(R, w, q, N) {
                    function u() {
                        K(function(M) {
                            J(function() {
                                R(M)
                            })
                        }, q)
                    }
                    if (!w) return w = O(q), R && R(w), w;
                    K ? u() : (N = y, y = function() {
                        (N(), J)(u)
                    })
                })
            }
        },
        yj = function(b, I, K, O) {
            return Z(356, (k(319, (wl(b, (O = Z(319, b), b.H && O < b.j ? (k(319, b, b.j), qO(b, K)) : k(319, b, K), I)), b), O), b))
        },
        A = function(b, I, K, O, y, R, w, q, N) {
            if (O.L += ((w = (y = (N = (R = (q = (K || O.i++, 0 < O.P && O.I) && O.KI && 1 >= O.v && !O.C && !O.g && (!K || 1 < O.Z - b) && 0 == document.hidden, 4 == O.i)) || q ? O.D() : O.F, N - O.F), y >> 14), O.V) && (O.V ^= w * (y << 2)), O.A = w || O.A, w), R || q) O.F = N, O.i = 0;
            if (!q || N - O.X < O.P - (I ? 255 : K ? 5 : 2)) return false;
            return (k((I = Z((O.Z = b, K ? 351 : 319), O), 319), O, O.j), O.R).push([zJ, I, K ? b + 1 : b]), O.g = J, true
        },
        io = function(b, I) {
            return I[b] << 24 | I[(b | 0) + 1] << 16 | I[(b | 0) + 2] << 8 | I[(b | 0) + 3]
        },
        qO = function(b, I) {
            k(319, ((b.rt.push(b.K.slice()), b).K[319] = void 0, b), I)
        },
        V = function(b, I, K) {
            I[k(K, b, I), uo] = 2796
        },
        JW = function(b, I, K, O, y) {
            for ((b.pI = MO(b.h, ((b.kG = (b.fI = b[E], o8), b).Q2 = PW, {get: function() {
                        return this.concat()
                    }
                })), b).ju = p[b.h](b.pI, {
                    value: {
                        value: {}
                    }
                }), y = [], O = 0; 128 > O; O++) y[O] = String.fromCharCode(O);
            C(true, true, (l(((l([(V(b, (V(b, function(R, w) {
                (w = Z(P(R), R), qO)(R.A, w)
            }, (V(b, function(R, w, q, N) {
                k((w = g((N = P(R), R)), q = P(R), q), R, Z(N, R) >>> w)
            }, (k(97, (V((V(b, (k(230, b, (V(b, (b.uf = (k((k(162, b, (V(b, function(R, w, q, N) {
                (N = Z((w = (q = (w = P(R), N = P(R), P(R)), Z)(w, R), N), R), k)(q, R, +(w == N))
            }, (V(b, (V((V(b, (V(b, (V(b, (V(b, function(R) {
                bo(R, 1)
            }, (k(17, ((V(b, (b.HZ = (V(b, function(R, w) {
                R = (w = P(R), Z(w, R.A)), R[0].removeEventListener(R[1], R[2], c)
            }, (k(507, b, (V(b, function(R, w, q, N, u, M, H) {
                for (u = (q = Z(92, (w = (H = mj((N = P(R), R)), ""), R)), q.length), M = 0; H--;) M = ((M | 0) + (mj(R) | 0)) % u, w += y[q[M]];
                k(N, R, w)
            }, ((V(b, ((V((k((k(366, (k(356, b, (V(b, (V(b, (V(b, (V((k(182, (k(305, (k((b.Su = (V(b, (V(b, function(R, w, q) {
                A(w, false, true, R) || (w = P(R), q = P(R), k(q, R, function(N) {
                    return eval(N)
                }(xP(Z(w, R.A)))))
            }, (V(b, function(R) {
                HW(R, 4)
            }, (k((b.s = (b.DP = (b.L = 1, b.G = void 0, b.rt = [], b.KI = false, (b.W = void 0, b.Y = 0, b.X = (b.o = (b.A = b, []), b.l = (b.v = 0, O = (b.g = null, b.j = 0, (b.S = (b.N = false, void 0), b.wt = 0, window).performance) || {}, (b.P = 0, b).I = !(b.Z = 8001, 1), b.H = [], []), (b.i = void 0, b.U = 25, b.C = void 0, b.R = [], (b.V = void 0, b).RQ = function(R) {
                this.A = R
            }, b).K = [], 0), (b.F = 0, O).timeOrigin || (O.timing || {}).navigationStart) || 0), void 0), 319), b, 0), k(351, b, 0), 475)), 168)), function(R, w, q) {
                0 != (q = Z((w = P(R), q = P(R), q), R), Z(w, R)) && k(319, R, q)
            }), 342), 0), 253), b, []), b), b), b), 0), b), function(R) {
                bo(R, 4)
            }, 267), function(R, w, q, N, u) {
                (q = (u = Z((w = Z((u = P((q = (N = (w = P(R), P)(R), P)(R), R)), w), R.A), u), R), N = Z(N, R), Z)(q, R), 0) !== w && (q = vW(1, R, u, q, w, N), w.addEventListener(N, q, c), k(182, R, [w, N, q]))
            }), 261), function(R, w, q, N, u) {
                (w = (q = P((N = (u = P(R), P)(R), R)), P(R)), q = Z(q, R), w = Z(w, R), N = Z(N, R), k)(u, R, vW(w, R, q, N))
            }), 222), function(R, w, q, N) {
                (w = P((N = (q = P(R), P)(R), R)), k)(w, R, Z(q, R) || Z(N, R))
            }), 381), {})), b), 0), 270), b, z), b), function(R) {
                Zb(R, 3)
            }, 395), V)(b, function(R, w, q) {
                k((q = Z((w = P((q = P(R), R)), q), R), q = R8(q), w), R, q)
            }, 405), function(R, w, q, N) {
                !A(w, false, true, R) && (w = rl(R), q = w.J, N = w.AN, R.A == R || q == R.RQ && N == R) && (k(w.aQ, R, q.apply(N, w.O)), R.F = R.D())
            }), 234), V)(b, function(R) {
                Zb(R, 4)
            }, 203), 335)), [160, 0, 0])), 206)), 0), function() {}), 503), V)(b, function(R, w, q, N, u, M, H, r, m, L, X, G) {
                function Q(n, h) {
                    for (; q < n;) G |= g(R) << q, q += 8;
                    return h = G & (1 << n) - 1, q -= n, G >>= n, h
                }
                for (X = (L = (q = G = (M = P(R), 0), (Q(3) | 0) + 1), u = Q(5), N = 0), m = []; N < u; N++) H = Q(1), m.push(H), X += H ? 0 : 1;
                for (X = (w = (N = ((X | 0) - 1).toString(2).length, []), 0); X < u; X++) m[X] || (w[X] = Q(N));
                for (N = 0; N < u; N++) m[N] && (w[N] = P(R));
                for (r = []; L--;) r.push(Z(P(R), R));
                V(R, function(n, h, Y, NO, t) {
                    for (h = (NO = [], 0), Y = []; h < u; h++) {
                        if (t = w[h], !m[h]) {
                            for (; t >= Y.length;) Y.push(P(n));
                            t = Y[t]
                        }
                        NO.push(t)
                    }
                    n.S = Db(n, (n.C = Db(n, r.slice()), NO))
                }, M)
            }, 94), b), []), 367)), function(R, w, q, N) {
                (N = Z((q = Z((w = (q = P(R), P)(R), q), R), w), R), k)(w, R, N + q)
            }), 58), function(R, w, q, N, u, M) {
                if (!A(w, true, true, R)) {
                    if ("object" == R8((R = Z((M = (w = (M = (q = (w = (N = P(R), P)(R), P(R)), P(R)), Z)(w, R), Z)(M, R), q = Z(q, R), N), R), R))) {
                        for (u in N = [], R) N.push(u);
                        R = N
                    }
                    for (N = (u = (q = 0 < q ? q : 1, 0), R).length; u < N; u += q) w(R.slice(u, (u | 0) + (q | 0)), M)
                }
            }), 341), function(R, w, q, N) {
                if (w = R.rt.pop()) {
                    for (q = g(R); 0 < q; q--) N = P(R), w[N] = R.K[N];
                    R.K = (w[253] = R.K[253], w[97] = R.K[97], w)
                } else k(319, R, R.j)
            }), 327), b), function(R, w, q) {
                w = P(R), q = P(R), k(q, R, "" + Z(w, R))
            }, 455), function(R, w, q, N, u) {
                for (q = (u = P(R), w = mj(R), N = [], 0); q < w; q++) N.push(g(R));
                k(u, R, N)
            }), 34), 117)), T)(4)), 205), b, 524), 0), function(R, w, q, N) {
                N = (w = P((q = (N = P(R), P(R)), R)), Z(N, R)), q = Z(q, R), k(w, R, N in q | 0)
            }), 79), [0, 0, 0])), function(R, w, q, N, u) {
                (q = (u = (N = P(R), P(R)), P)(R), R).A == R && (q = Z(q, R), w = Z(N, R), u = Z(u, R), w[u] = q, 377 == N && (R.G = void 0, 2 == u && (R.V = B(32, R, false), R.G = void 0)))
            }), 474), b), function(R, w, q, N, u, M) {
                A(w, false, true, R) || (N = rl(R.A), w = N.AN, M = N.O, q = N.J, u = M.length, N = N.aQ, w = 0 == u ? new w[q] : 1 == u ? new w[q](M[0]) : 2 == u ? new w[q](M[0], M[1]) : 3 == u ? new w[q](M[0], M[1], M[2]) : 4 == u ? new w[q](M[0], M[1], M[2], M[3]) : 2(), k(N, R, w))
            }, 317), b), 2048), 89)), 473)), function(R, w, q, N) {
                k((N = (q = Z((w = P((N = (q = P(R), P(R)), R)), q), R), Z(N, R)), w), R, q[N])
            }), 380), uo)], b), l)([S, I], b), [f2, K]), b), b))
        },
        l = function(b, I) {
            I.R.splice(0, 0, b)
        },
        XO = function(b, I, K, O) {
            try {
                O = b[((I | 0) + 2) % 3], b[I] = (b[I] | 0) - (b[((I | 0) + 1) % 3] | 0) - (O | 0) ^ (1 == I ? O << K : O >>> K)
            } catch (y) {
                throw y;
            }
        },
        n2 = function(b, I, K) {
            if (3 == b.length) {
                for (K = 0; 3 > K; K++) I[K] += b[K];
                for (b = [13, 8, 13, 12, 16, 5, 3, 10, 15], K = 0; 9 > K; K++) I[3](I, K % 3, b[K])
            }
        },
        GJ = function(b, I, K, O, y) {
            for (y = (K = K[3] | (O = K[2] | 0, 0), 0); 14 > y; y++) I = I >>> 8 | I << 24, I += b | 0, K = K >>> 8 | K << 24, b = b << 3 | b >>> 29, I ^= O + 2298, K += O | 0, K ^= y + 2298, b ^= I, O = O << 3 | O >>> 29, O ^= K;
            return [b >>> 24 & 255, b >>> 16 & 255, b >>> 8 & 255, b >>> 0 & 255, I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255]
        },
        v = function(b, I, K, O) {
            for (K = (b | 0) - 1, O = []; 0 <= K; K--) O[(b | 0) - 1 - (K | 0)] = I >> 8 * K & 255;
            return O
        },
        wl = function(b, I, K, O, y, R) {
            if (!b.s) {
                b.v++;
                try {
                    for (R = (y = (K = b.j, void 0), 0); --I;) try {
                        if ((O = void 0, b).C) y = hW(b, b.C);
                        else {
                            if (R = Z(319, b), R >= K) break;
                            O = P((k(351, b, R), b)), y = Z(O, b)
                        }
                        A((y && y[$P] & 2048 ? y(b, I) : e([D, 21, O], b, 0), I), false, false, b)
                    } catch (w) {
                        Z(205, b) ? e(w, b, 22) : k(205, b, w)
                    }
                    if (!I) {
                        if (b.CI) {
                            b.v--, wl(b, 216630971487);
                            return
                        }
                        e([D, 33], b, 0)
                    }
                } catch (w) {
                    try {
                        e(w, b, 22)
                    } catch (q) {
                        f(q, b)
                    }
                }
                b.v--
            }
        },
        rl = function(b, I, K, O, y, R) {
            for (R = (K = ((O = (I = b[kP] || {}, P(b)), I.aQ = P(b), I).O = [], b.A == b ? (g(b) | 0) - 1 : 1), P(b)), y = 0; y < K; y++) I.O.push(P(b));
            for (; K--;) I.O[K] = Z(I.O[K], b);
            return (I.J = Z(O, b), I).AN = Z(R, b), I
        },
        vW = function(b, I, K, O, y, R) {
            function w() {
                if (I.A == I) {
                    if (I.K) {
                        var q = [F, O, K, void 0, y, R, arguments];
                        if (2 == b) var N = C(false, false, (l(q, I), I));
                        else if (1 == b) {
                            var u = !I.R.length;
                            (l(q, I), u) && C(false, false, I)
                        } else N = AW(I, q);
                        return N
                    }
                    y && R && y.removeEventListener(R, w, c)
                }
            }
            return w
        },
        E1 = function(b, I, K, O, y, R, w, q) {
            return O = [-9, -48, 48, 29, -71, -79, O, -95, 27, 81], R = Vj, q = b & 7, y = p[K.h](K.pI), y[K.h] = function(N) {
                q += (w = N, 6 + 7 * b), q &= 7
            }, y.concat = function(N) {
                return (w = (N = (N = -46 * I * I * w - -2208 * I * w + (N = I % 16 + 1, 1 * I * I * N) + q + 46 * w * w + O[q + 27 & 7] * I * N - -2944 * w + (R() | 0) * N - N * w, O)[N], void 0), O[(q + 21 & 7) + (b & 2)] = N, O)[q + (b & 2)] = -48, N
            }, y
        },
        C = function(b, I, K, O, y, R) {
            if (K.R.length) {
                K.I = (K.KI = (K.I && 0(), b), true);
                try {
                    y = K.D(), K.F = y, K.X = y, K.i = 0, O = p2(b, K), R = K.D() - K.X, K.Y += R, R < (I ? 0 : 10) || 0 >= K.U-- || (R = Math.floor(R), K.o.push(254 >= R ? R : 254))
                } finally {
                    K.I = false
                }
                return O
            }
        },
        J = z.requestIdleCallback ? function(b) {
            requestIdleCallback(function() {
                b()
            }, {
                timeout: 4
            })
        } : z.setImmediate ? function(b) {
            setImmediate(b)
        } : function(b) {
            setTimeout(b, 0)
        },
        e = function(b, I, K, O, y, R) {
            if (!I.N) {
                if ((b = (K = (0 == (R = Z(253, ((O = void 0, b) && b[0] === D && (O = b[2], K = b[1], b = void 0), I)), R).length && (y = Z(351, I) >> 3, R.push(K, y >> 8 & 255, y & 255), void 0 != O && R.push(O & 255)), ""), b && (b.message && (K += b.message), b.stack && (K += ":" + b.stack)), Z)(97, I), 3) < b) {
                    I.A = (K = (b -= (K = K.slice(0, (b | 0) - 3), (K.length | 0) + 3), Qj)(K), O = I.A, I);
                    try {
                        x(162, I, v(2, K.length).concat(K), 9)
                    } finally {
                        I.A = O
                    }
                }
                k(97, I, b)
            }
        },
        HW = function(b, I, K, O) {
            for (K = (O = P(b), 0); 0 < I; I--) K = K << 8 | g(b);
            k(O, b, K)
        },
        FO = function(b, I) {
            return I(function(K) {
                K(b)
            }), [function() {
                return b
            }]
        },
        cW = function(b, I, K) {
            return I.B(function(O) {
                K = O
            }, false, b), K
        },
        x = function(b, I, K, O, y, R) {
            if (I.A == I)
                for (R = Z(b, I), 162 == b ? (b = function(w, q, N, u) {
                        if ((u = (q = R.length, (q | 0) - 4 >> 3), R.hN) != u) {
                            u = (u << (N = [0, 0, y[R.hN = u, 1], y[2]], 3)) - 4;
                            try {
                                R.bf = GJ(io(u, R), io((u | 0) + 4, R), N)
                            } catch (M) {
                                throw M;
                            }
                        }
                        R.push(R.bf[q & 7] ^ w)
                    }, y = Z(230, I)) : b = function(w) {
                        R.push(w)
                    }, O && b(O & 255), I = K.length, O = 0; O < I; O++) b(K[O])
        },
        TJ = function(b, I) {
            if ((I = (b = null, z).trustedTypes, !I) || !I.createPolicy) return b;
            try {
                b = I.createPolicy("bg", {
                    createHTML: gl,
                    createScript: gl,
                    createScriptURL: gl
                })
            } catch (K) {
                z.console && z.console.error(K.message)
            }
            return b
        },
        p2 = function(b, I, K, O) {
            for (; I.R.length;) {
                K = (I.g = null, I).R.pop();
                try {
                    O = AW(I, K)
                } catch (y) {
                    f(y, I)
                }
                if (b && I.g) {
                    b = I.g, b(function() {
                        C(true, true, I)
                    });
                    break
                }
            }
            return O
        },
        AW = function(b, I, K, O, y) {
            if (O = I[0], O == W) b.U = 25, b.u(I);
            else if (O == E) {
                K = I[1];
                try {
                    y = b.s || b.u(I)
                } catch (R) {
                    f(R, b), y = b.s
                }
                K(y)
            } else if (O == zJ) b.u(I);
            else if (O == S) b.u(I);
            else if (O == f2) {
                try {
                    for (y = 0; y < b.l.length; y++) try {
                        K = b.l[y], K[0][K[1]](K[2])
                    } catch (R) {}
                } catch (R) {}(0, I[b.l = [], 1])(function(R, w) {
                    b.B(R, true, w)
                }, function(R) {
                    l([$P], (R = !b.R.length, b)), R && C(true, false, b)
                })
            } else {
                if (O == F) return y = I[2], k(332, b, I[6]), k(356, b, y), b.u(I);
                O == $P ? (b.H = [], b.K = null, b.o = []) : O == uo && "loading" === z.document.readyState && (b.g = function(R, w) {
                    function q() {
                        w || (w = true, R())
                    }
                    z.document.addEventListener("DOMContentLoaded", q, (w = false, c)), z.addEventListener("load", q, c)
                })
            }
        },
        MO = function(b, I) {
            return p[b](p.prototype, {
                pop: I,
                call: I,
                splice: I,
                document: I,
                replace: I,
                prototype: I,
                length: I,
                propertyIsEnumerable: I,
                floor: I,
                console: I,
                parent: I,
                stack: I
            })
        },
        Db = function(b, I, K) {
            return K = p[b.h](b.ju), K[b.h] = function() {
                return I
            }, K.concat = function(O) {
                I = O
            }, K
        },
        a, Zb = function(b, I, K, O, y) {
            (((y = (K = P((I &= (O = I & 3, 4), y = P(b), b)), Z)(y, b), I) && (y = Qj("" + y)), O) && x(K, b, v(2, y.length)), x)(K, b, y)
        },
        B = function(b, I, K, O, y, R, w, q, N, u, M, H, r, m) {
            if ((r = Z(319, I), r) >= I.j) throw [D, 31];
            for (w = r, u = (H = I.fI.length, b), q = 0; 0 < u;) M = w % 8, R = 8 - (M | 0), N = w >> 3, R = R < u ? R : u, O = I.H[N], K && (y = I, y.G != w >> 6 && (y.G = w >> 6, m = Z(377, y), y.W = GJ(y.V, y.G, [0, 0, m[1], m[2]])), O ^= I.W[N & H]), q |= (O >> 8 - (M | 0) - (R | 0) & (1 << R) - 1) << (u | 0) - (R | 0), w += R, u -= R;
            return k(319, I, (K = q, (r | 0) + (b | 0))), K
        },
        P = function(b, I) {
            if (b.C) return hW(b, b.S);
            return (I = B(8, b, true), I) & 128 && (I ^= 128, b = B(2, b, true), I = (I << 2) + (b | 0)), I
        },
        d, k = function(b, I, K) {
            if (319 == b || 351 == b) I.K[b] ? I.K[b].concat(K) : I.K[b] = Db(I, K);
            else {
                if (I.N && 377 != b) return;
                507 == b || 162 == b || 17 == b || 253 == b || 230 == b ? I.K[b] || (I.K[b] = E1(54, b, I, K)) : I.K[b] = E1(137, b, I, K)
            }
            377 == b && (I.V = B(32, I, false), I.G = void 0)
        },
        Qj = function(b, I, K, O, y) {
            for (y = (I = K = (b = b.replace(/\r\n/g, "\n"), 0), []); I < b.length; I++) O = b.charCodeAt(I), 128 > O ? y[K++] = O : (2048 > O ? y[K++] = O >> 6 | 192 : (55296 == (O & 64512) && I + 1 < b.length && 56320 == (b.charCodeAt(I + 1) & 64512) ? (O = 65536 + ((O & 1023) << 10) + (b.charCodeAt(++I) & 1023), y[K++] = O >> 18 | 240, y[K++] = O >> 12 & 63 | 128) : y[K++] = O >> 12 | 224, y[K++] = O >> 6 & 63 | 128), y[K++] = O & 63 | 128);
            return y
        },
        g = function(b) {
            return b.C ? hW(b, b.S) : B(8, b, true)
        },
        T = function(b, I) {
            for (I = []; b--;) I.push(255 * Math.random() | 0);
            return I
        },
        mj = function(b, I) {
            return (I = g(b), I) & 128 && (I = I & 127 | g(b) << 7), I
        },
        K2 = function(b, I, K, O) {
            return (O = d[b.substring(0, 3) + "_"]) ? O(b.substring(3), I, K) : FO(b, I)
        },
        c = {
            passive: true,
            capture: true
        },
        gl = function(b) {
            return b
        },
        U = function(b, I, K) {
            K = this;
            try {
                JW(this, b, I)
            } catch (O) {
                f(O, this), I(function(y) {
                    y(K.s)
                })
            }
        },
        hW = function(b, I) {
            return (I = I.create().shift(), b.C.create().length || b.S.create().length) || (b.C = void 0, b.S = void 0), I
        },
        kP = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        zJ = [],
        f2 = [],
        $P = ((U.prototype.FY = void 0, U).prototype.T = "toString", U.prototype.CI = false, []),
        W = (U.prototype.eu = void 0, []),
        E = [],
        S = [],
        uo = [],
        D = {},
        F = [],
        p = (((I8, T, XO, function() {})(n2), U.prototype).h = "create", D.constructor),
        Vj = ((a = U.prototype, a.nI = function(b, I, K, O, y, R) {
            for (R = [], K = O = 0; K < b.length; K++)
                for (O += I, y = y << I | b[K]; 7 < O;) O -= 8, R.push(y >> O & 255);
            return R
        }, a).GP = function(b, I, K) {
            return b ^ ((I = (I ^= I << 13, I ^= I >> 17, (I ^ I << 5) & K)) || (I = 1), I)
        }, void 0),
        PW = (((a.D = (a.B = (a.Mm = function() {
            return Math.floor(this.Y + (this.D() - this.X))
        }, a.dt = function() {
            return Math.floor(this.D())
        }, a.Oj = function(b, I, K, O, y) {
            for (y = O = 0; y < b.length; y++) O += b.charCodeAt(y), O += O << 10, O ^= O >> 6;
            return O = (b = (O += O << 3, O ^= O >> 11, O) + (O << 15) >>> 0, new Number(b & (1 << I) - 1)), O[0] = (b >>> I) % K, O
        }, function(b, I, K, O, y) {
            if (K = "array" === R8(K) ? K : [K], this.s) b(this.s);
            else try {
                y = [], O = !this.R.length, l([W, y, K], this), l([E, b, y], this), I && !O || C(I, true, this)
            } catch (R) {
                f(R, this), b(this.s)
            }
        }), (window.performance || {}).now ? function() {
            return this.DP + window.performance.now()
        } : function() {
            return +new Date
        }), U.prototype.u = function(b, I) {
            return Vj = (I = (b = {}, {}), function() {
                    return I == b ? -64 : -17
                }),
                function(K, O, y, R, w, q, N, u, M, H, r, m, L, X, G) {
                    I = (u = I, b);
                    try {
                        if (y = K[0], y == S) {
                            L = K[1];
                            try {
                                for (M = H = (R = (q = atob(L), []), 0); H < q.length; H++) O = q.charCodeAt(H), 255 < O && (R[M++] = O & 255, O >>= 8), R[M++] = O;
                                this.H = R, this.j = this.H.length << 3, k(377, this, [0, 0, 0])
                            } catch (Q) {
                                e(Q, this, 17);
                                return
                            }
                            wl(this, 8001)
                        } else if (y == W) K[1].push(Z(97, this), Z(162, this).length, Z(17, this).length, Z(507, this).length), k(356, this, K[2]), this.K[376] && yj(this, 8001, Z(376, this));
                        else {
                            if (y == E) {
                                (X = (G = v(2, ((H = K[2], Z(507, this)).length | 0) + 2), this).A, this).A = this;
                                try {
                                    w = Z(253, this), 0 < w.length && x(507, this, v(2, w.length).concat(w), 10), x(507, this, v(1, this.L), 109), x(507, this, v(1, this[E].length)), q = 0, N = Z(162, this), q += Z(366, this) & 2047, q -= (Z(507, this).length | 0) + 5, 4 < N.length && (q -= (N.length | 0) + 3), 0 < q && x(507, this, v(2, q).concat(T(q)), 15), 4 < N.length && x(507, this, v(2, N.length).concat(N), 156)
                                } finally {
                                    this.A = X
                                }
                                if (r = ((M = T(2).concat(Z(507, this)), M)[1] = M[0] ^ 6, M[3] = M[1] ^ G[0], M[4] = M[1] ^ G[1], this).sj(M)) r = "!" + r;
                                else
                                    for (q = 0, r = ""; q < M.length; q++) m = M[q][this.T](16), 1 == m.length && (m = "0" + m), r += m;
                                return Z(507, (Z(((k(97, (R = r, this), H.shift()), Z)(162, this).length = H.shift(), 17), this).length = H.shift(), this)).length = H.shift(), R
                            }
                            if (y == zJ) yj(this, K[2], K[1]);
                            else if (y == F) return yj(this, 8001, K[1])
                        }
                    } finally {
                        I = u
                    }
                }
        }(), U.prototype).V2 = 0, U.prototype).sj = function(b, I, K, O) {
            if (I = window.btoa) {
                for (O = (K = 0, ""); K < b.length; K += 8192) O += String.fromCharCode.apply(null, b.slice(K, K + 8192));
                b = I(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else b = void 0;
            return b
        }, U.prototype.XY = 0, /./),
        o8, BW = S.pop.bind((U.prototype[f2] = [0, 0, 1, 1, 0, 1, 1], U.prototype[W])),
        xP = (o8 = MO(U.prototype.h, (PW[U.prototype.T] = BW, {get: BW
        })), U.prototype.gt = void 0, function(b, I) {
            return (I = TJ()) && 1 === b.eval(I.createScript("1")) ? function(K) {
                return I.createScript(K)
            } : function(K) {
                return "" + K
            }
        }(z));
    (40 < (d = z.botguard || (z.botguard = {}), d.m) || (d.m = 41, d.bg = O1, d.a = K2), d).LDL_ = function(b, I, K) {
        return [(K = new U(b, I), function(O) {
            return cW(O, K)
        })]
    };
}).call(this);

Executed Writes (0)


HTTP Transactions (99)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4071
Expires: Fri, 25 Nov 2022 00:08:06 GMT
Date: Thu, 24 Nov 2022 23:00:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1648
Cache-Control: max-age=129504
Date: Thu, 24 Nov 2022 23:00:15 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 10:58:39 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 22:19:00 GMT
cache-control: public,max-age=3600
age: 2475
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14382
Expires: Fri, 25 Nov 2022 02:59:57 GMT
Date: Thu, 24 Nov 2022 23:00:15 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: jYTDaJHHkTiMshoM6tVZr1VlCUBkO490OxC67LcaKSBacOg5I7J7FKXvQ4OU7Ni+uTuJQOhj44c=
x-amz-request-id: W7M818TXCADAF61F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 22:40:34 GMT
age: 1181
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 23:00:15 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 22:11:11 GMT
cache-control: public,max-age=3600
age: 2945
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6017
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 23:00:16 GMT
Last-Modified: Thu, 24 Nov 2022 21:19:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         43.250.142.34
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
set-cookie: apbct_timestamp=1669330815; path=/; SameSite=Lax apbct_site_landing_ts=1669330815; path=/; HttpOnly; SameSite=Lax apbct_page_hits=1; path=/; HttpOnly; SameSite=Lax apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522bd839d77a618fa88758353e2a6c9073a%2522%257D; path=/; HttpOnly; SameSite=Lax apbct_urls=%7B%22legalightbulbs.com.au%2F%22%3A%5B1669330815%5D%7D; expires=Sun, 27-Nov-2022 23:00:15 GMT; Max-Age=259200; path=/; domain=legalightbulbs.com.au; HttpOnly; SameSite=Lax apbct_site_referer=UNKNOWN; expires=Sun, 27-Nov-2022 23:00:15 GMT; Max-Age=259200; path=/; domain=legalightbulbs.com.au; HttpOnly; SameSite=Lax
x-redirect-by: WordPress
location: https://legalightbulbs.com.au/
x-litespeed-cache: miss
content-length: 0
date: Thu, 24 Nov 2022 23:00:16 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xGEgHX07pA7OO9BBg24bcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.36.24.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0HWuTWHbYIvNtGIksqTM4WZFtcM=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3662
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:00:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3662
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:00:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3662
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:00:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3662
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:00:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3662
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:00:17 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 14927
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6049
x-amzn-requestid: 96e5c00c-1565-4e9f-aa5b-6da99785a03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsokHSgoAMF_RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e36-547f241a67f3703958f2eade;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:16:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KDIu_SbDdEi4ynoXJsXclQJmaAse8FTkyZdGCzmv0Pvgj3C0bus8XQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 03:59:13 GMT
age: 68464
etag: "29edd439b6e7894bc4771fc655a50d926f349a08"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6049
Md5:    73f65dfa986cf95e8fb459778b945c59
Sha1:   29edd439b6e7894bc4771fc655a50d926f349a08
Sha256: c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7900
x-amzn-requestid: a9d184b1-3b4a-4ca6-9ad2-ce3aac10f422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB91H2IIAMFjGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38b-5732361f36c023c22c922ee9;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRreyOCHys8rW4UWA3JSMhtOiiltT6ULxxgi9aLM7sw07UruCXgPkQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:13:14 GMT
age: 2823
etag: "81f85633fca39972d8e0bf9a4ec7cd999e54564f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7900
Md5:    d43ec6824d4fdc4d31b8c245bf8c5849
Sha1:   81f85633fca39972d8e0bf9a4ec7cd999e54564f
Sha256: b0e521b23879af86102f46a9ec412faf6345df31a97a7b58880f63f81fdcd0c6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NCCF79BaJkG2j75ihGL9jd3gEE4zajsC9vmEKMmk9u7-wm2s5u4mVQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:22:08 GMT
age: 67089
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10356
Md5:    05a92b9f554600c920e8b772eb16ee75
Sha1:   7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
Sha256: 4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 64549
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 20570
etag: "b80047da428636adb7027f12718c8d11bd461da4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11954
Md5:    6673267df195141739d1018c17101368
Sha1:   b80047da428636adb7027f12718c8d11bd461da4
Sha256: de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 23:00:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 23:00:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 23:00:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6LftiMoUAAAAAPjx7QAv1QP5ZCmxZLCu5ma7VWGg&ver=3.0 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Thu, 24 Nov 2022 23:00:18 GMT
date: Thu, 24 Nov 2022 23:00:18 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    bec8c57bb56c21b073b7b94a515aba97
Sha1:   8e1141bf6cc8143961e75c52d2366367456dce08
Sha256: 336ba675b36e7c1605e178f18daa8aeb51aa1e7ab92de36d0a6aa7048d5bb7ec
                                        
                                            GET /css?family=Montserrat:400 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 23:00:18 GMT
date: Thu, 24 Nov 2022 23:00:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Wed, 16 Nov 2022 04:17:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 10 Nov 2022 09:03:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   144
Md5:    fcbd239f30d9a6dd1f3637f291143d37
Sha1:   2871bf7d98af3f43e42f7fa32808048e7134fabf
Sha256: c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=5.188 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 10 Nov 2022 09:05:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 264
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (591), with no line terminators
Size:   264
Md5:    cd702aa3e95261e039288cc6a731e931
Sha1:   7ef085bd9b9db17484d1b256c156ff21f6077e26
Sha256: 6336416c29aed6657e9be7abfee887cb25f4ea909381ef699c7b1c90238c3d84
                                        
                                            GET / HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
link: <https://legalightbulbs.com.au/wp-json/>; rel="https://api.w.org/", <https://legalightbulbs.com.au/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://legalightbulbs.com.au/>; rel=shortlink
etag: "6399-1669330812;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 23:00:17 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (45019)
Size:   28967
Md5:    03083bee172efddf28dcfa91508907d9
Sha1:   d0aef93c0d0ebb957f4576a5b3add3d1c75cece7
Sha256: efb23e1d629035a65793dc58f2e571b5d63935d3f988d3dd7e8c7f0b7a83b079

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.8 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 07 Sep 2020 04:56:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8300
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7136)
Size:   8300
Md5:    e66ebe96ff800a794a52c3547a3a9d77
Sha1:   db6058db56de0b51d75bf6c452c7567a67eb12dc
Sha256: a99de3273759a4a7885d481efffcb960256a89135c2cf12356390d7d652a9eea
                                        
                                            GET /wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.8 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 10 Jul 2020 00:14:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2124
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   2124
Md5:    ccae4785f1c22d34b6cb43678a59a870
Sha1:   991d1d81a198c71dd8e3134f8b3ae96f1e7622c4
Sha256: d87b51808468c3b8db2920cfd065562dbdd0b18f8944a0755decf21fa554ee38

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.1 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Wed, 11 Nov 2020 23:20:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12132
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size:   12132
Md5:    b412eb93f0cee26f9b8fb6b86fb84672
Sha1:   cfcdb91f90bf5c46d46a725aeaa2ca4327a4075b
Sha256: 7eb2551c41e44f6ffd1f7df85c82a35063184887fed10ccc988182fd5bc8e626

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-post-modal/public/css/wp-post-modal-public.css?ver=1.0.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Tue, 02 Aug 2022 22:23:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1151
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1151
Md5:    ecc4b0be0480ccc41767b395dd3f872b
Sha1:   3a8f842bf4dbded4b8debc4155fce957d20b9de7
Sha256: 6839f4ab64bf11b06e18d21ba7b8083253885e0ae5e7d65ee0caae45bd33ebf9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/css/be.css?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 01:16:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 52412
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (464)
Size:   52412
Md5:    2ce802f4cbddf7bffa3f48167bcc189f
Sha1:   0ad1b0ee526d80ee1bd649656c47e3c5f69a50ca
Sha256: 1a6f0bbc13c39c953c2c8a0736afded9cd9f80005cba744f441f4087b0ebde00

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4424
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58528)
Size:   4424
Md5:    b5ffd053985dbe247067bad06178e26e
Sha1:   2a8ec57446cb9248a5d83bfcfb5bf749c1d8c1bb
Sha256: ed07c1fef91e06ffad187b9081c3d9c5c3b32f5fbcf0e94face6b53c8ed2ce0f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12408
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (364)
Size:   12408
Md5:    d4443a56a04ea5bcc4da6b5415d5dcb8
Sha1:   2e94433ae783e1f9da3908a22f6099770081457a
Sha256: 74ae64f6e08dd113867cbfc27e1cc2ed2bef5a762266a70e5f73f2d2b4582a1c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/css/responsive.css?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9717
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (612)
Size:   9717
Md5:    e1cb9b0ece748c4495f8db1512c05c7b
Sha1:   8374327793bf046279bc2846e043b3b578363c3e
Sha256: 08b22a31643e47439694a6e26c52fd7275b9e1861716887eb5a936c98c506772

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 25 Feb 2022 04:13:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
                                        
                                            GET /wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=5.188 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 10 Nov 2022 09:05:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11706
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (44971), with no line terminators
Size:   11706
Md5:    e81429017515eaaaa2b43ea216b30c4b
Sha1:   95253031f4fc3370d64708ebb1751ccb2de9cce1
Sha256: 8b4d751382c2dc1d01746739eb09e56dcb402eb6b0eef5c6a62effbce644bdea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-post-modal/public/js/wp-post-modal-public.js?ver=1.0.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Tue, 02 Aug 2022 22:23:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3178
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (325)
Size:   3178
Md5:    0c501f979f84c8b54c361cc0af715d79
Sha1:   d18797e80be75bdf924b5028022ae9ccb1839abe
Sha256: 56d8f1c3241aee1d41dc6af8cb19296a438d17bde60845d925b063f53cc611ea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 20 Dec 2021 21:02:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3952
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (34217)
Size:   3952
Md5:    e00926a3c189b2f2396d96d90ac77785
Sha1:   f61219b1a1e4924051c4e5c7acb70cd925173bdb
Sha256: 30a6fd0e5a3610d5074e2a634513348ff8a5a92510d45c6c2621d6bda6b2fd27

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 20 Dec 2021 21:02:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11779
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (56243)
Size:   11779
Md5:    bc62c79810f6d9ff2023a3ce01fb17e8
Sha1:   c176d3254f491913c5567d35c85d0d02c6c9300a
Sha256: abe49ff5c57ab5013f8eac78076ef149837282fce42df3f0f526cb440e3d155b
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=6.8.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 20 Dec 2021 21:02:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1252
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10211), with no line terminators
Size:   1252
Md5:    bb08a1c194b8a07a7478738854e83322
Sha1:   507ba9561248f92dc73e3676dbe580c82c59ae0d
Sha256: f7bb7d70b8db770b80020ff522e1fe276d6d54c5b55a4fd56aa8d3525afd24c4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 27 Oct 2022 21:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   3706
Md5:    dc6411bfa6891b75944f0074c945752d
Sha1:   03c1a8b686c287068c61ab90f58d905496d65085
Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 10 Nov 2022 09:03:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6800
Md5:    3d0ff0f6731d9cef860af9a5a0e3ce62
Sha1:   13aed444304d782039e261475c8b4450b83e743e
Sha256: e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 10 Nov 2022 09:03:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3760
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11760)
Size:   3760
Md5:    3a8c0c6bf695efea9e3acfaff14c3ca5
Sha1:   38e58a427812d0655192a36bf644d51853febe8b
Sha256: fe50234a7e2fa53617f7379107d8e4f2baba0a98fc8a20e001fc5b2766292743

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/js/menu.js?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 749
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   749
Md5:    33c0b2d1963bf8d1aec85903f55372f2
Sha1:   1f8307e852a47838a785abdcde3dc260de017f1a
Sha256: 38df4b408528e6f2fe8651d3d3e06dd7fb197c650d1a9b67b40c61f968473c58

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 550
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1733)
Size:   550
Md5:    c3a756b391fe1e6045b1b664b050a5f4
Sha1:   d9deaddac95f6a841a9ac512a49b1ac2ae21faf7
Sha256: 72ec4f8eadcac76d82107ad78d3522f8d429477ad77ea5adc3572458ef382bf8
                                        
                                            GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12378
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (634)
Size:   12378
Md5:    d8bfc3d742ffd06b97048893cf41f69e
Sha1:   9619ab317a12617272411c4c4a33f8ded73b7512
Sha256: d52b1f1423552aab4f48e0a917e614c3a5318e0c47cba03472ea029858869540
                                        
                                            GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1195
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1195
Md5:    798cccf140859289da4f850b3b2b3c16
Sha1:   5080ddcb8fc9eaabbfba56b933fa304f08590d29
Sha256: a152cf3215e6c21eae0ae777ef888fe642cf51a13890632903be1ddbf5470afd
                                        
                                            GET /wp-content/themes/betheme/js/scripts.js?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14219
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   14219
Md5:    46230966bfd4d0f04bd060ebb6923099
Sha1:   aa90bf998a66d2af304a6306cbeabbb484471e36
Sha256: f614bab1c2e35d5b809b9ea49dff484fe6a7324628719d2f568aa81bf59a007c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Sun, 05 Jun 2022 22:33:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2354
Md5:    4e773d7cec56bacab6d2db420be6f262
Sha1:   c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
Sha256: 5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 10 Nov 2022 09:03:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size:   6335
Md5:    fecbc00e8af71d8cfb678cd811c7cb2e
Sha1:   44e5dd77f62cb5c67271442b75cdff10d45f2f8d
Sha256: d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 27 Oct 2022 21:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 439
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (999), with no line terminators
Size:   439
Md5:    941c9d44f1c480a37006540de948ef9a
Sha1:   29bc99b84660341fc37d60774b3083025a19147c
Sha256: d297692ee1e68d1e2499576903508be06859340a25eded15b2565631a592851e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 20 Dec 2021 21:02:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5392
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19905)
Size:   5392
Md5:    5c4775770503a303920f7828b0c9ed93
Sha1:   eb423a78df0b4d1bc0490fc6232a9d8daa14b4f1
Sha256: dd8a0879968f81cc079ac9ab03e98f5f119aa390d07bed57e621f911f0d28cb4
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/js/transition.min.js?ver=6.8.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 20 Dec 2021 21:02:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 403
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (619)
Size:   403
Md5:    d59465ab9774297879a30f6896d0bd32
Sha1:   b6e1d3b0228c2005ff04622c87b49d48fe4c14b0
Sha256: c0ca415988463095f7406abda1b6384ac0995cc9548852b4970f70d97914f319

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=6.8.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 20 Dec 2021 21:02:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2764
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9690)
Size:   2764
Md5:    b0561cdedc286ad8db441aebb578923c
Sha1:   cc20566dcfa4e59a3b4927717785ebea0e5a4b0d
Sha256: 77b1fc344cf3416ec2edd57c26ee6c168acab41dfc82cd76e1961eb0f78a3e9e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Sun, 05 Jun 2022 22:33:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1907
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1907
Md5:    ec9c4823adb01a097d655f555adca9af
Sha1:   f50a073e8be2d675bf6c5af96f50a8f048a2ed15
Sha256: 8295f041024bf84f41a8c3292c995448dc00824bca9c70a1307255587492b7ee

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 20 Dec 2021 21:02:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 42039
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65358)
Size:   42039
Md5:    9e39dfcae341ce2e56f850ad8854f8cb
Sha1:   51b4a2a4192fea4d332c4787ec3d110a46b47419
Sha256: 921a07a52dffa7fee00ee8cf8ba0cf74aeb1077c780141c127bafe53f56ac6c4
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 10 Nov 2022 09:03:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.1 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 28 Aug 2020 02:03:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 44724
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (42889)
Size:   44724
Md5:    48fda91697def6d0962a647a9bfd764a
Sha1:   c39b2dc4ba96519290c168ac663f68affae702e7
Sha256: fd8df2fea51d7e0c882a81724ae76152dc97150a69b1ff47e6769d99366f7df0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/betheme/js/plugins.js?ver=24.0.2 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 23 Jul 2021 00:10:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 53647
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019)
Size:   53647
Md5:    c850afe3c31ce18439343169776f9ac2
Sha1:   00cc89e46d3a3f3612486199918c41254957c8ed
Sha256: fbf2235d1655f86a7bc3198257650987414998411a1474d0e8bdf6f391d6c017

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2018/10/logo.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Sat, 27 Oct 2018 04:39:16 GMT
accept-ranges: bytes
content-length: 11352
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 270x128, components 3\012- data
Size:   11352
Md5:    765fd1694c69c00757b443082eb2a466
Sha1:   9969d9e97959dd74750ff7218fe3bcbeaa4ace19
Sha256: 6f5b24cd059486837de00423f40c4bc92a4f6aa347cfc96a194c8142813a3eb0
                                        
                                            GET /wp-content/uploads/2018/11/sparks.png HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 09 Nov 2018 05:09:34 GMT
accept-ranges: bytes
content-length: 8503
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   8503
Md5:    391a4185b75f1a91ab68aaaf231f7a70
Sha1:   a4f20a6258013bf367ab9fa9110ac81c0f0d8966
Sha256: ccfe650ceabb85f03ed399ac3145378f5d0815a52f934c0ed84e8b42a5dc7769
                                        
                                            GET /wp-content/uploads/2018/10/less-than-equal.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:15:43 GMT
accept-ranges: bytes
content-length: 11850
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 251x400, components 3\012- data
Size:   11850
Md5:    c30421936d4157e330da662fa2ac0e16
Sha1:   cbf0597bad73fedf32fbdfc67e958e8cc10122e2
Sha256: effa71bf37e6f839d7de33ddb25659262e707c16828cd5e40e9330436b484766
                                        
                                            GET /wp-content/uploads/2018/10/less-than-equal-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 08 Nov 2018 00:54:46 GMT
accept-ranges: bytes
content-length: 9347
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   9347
Md5:    c92cff1509f27d4975c584e9a8d3b7ac
Sha1:   fb75e039fd92ce51fb71742e1f8db58a3d4b5d8d
Sha256: 8b76ff2f381793e3a61381d1e82a5e256e09fcfaf53e705c63fbfbd31a5036b8
                                        
                                            GET /wp-content/uploads/2018/10/justice-connections-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 08 Nov 2018 00:54:46 GMT
accept-ranges: bytes
content-length: 11530
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   11530
Md5:    5d1883c25b1cacc7c28b7effef62ca4c
Sha1:   8bf202e5368b9c0b94dec71434c5773c098ba141
Sha256: 815f64c9b5f00c350b2755ff039a61a13c811fa166cfb183f1bee30c888a8d48
                                        
                                            GET /wp-content/uploads/2018/10/multidisciplinary-approac-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 08 Nov 2018 00:54:46 GMT
accept-ranges: bytes
content-length: 12390
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   12390
Md5:    5991c0200387e0b735f988edf71a53fa
Sha1:   d02e15cb680d0e8667fcb8ffa75b1b01d17ba31c
Sha256: ed4632f69d904f8840def548cd68e21333db33e0c6155331fce23d3c9336f054
                                        
                                            GET /wp-content/uploads/2018/10/shattered-dreams.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Sat, 27 Oct 2018 05:07:58 GMT
accept-ranges: bytes
content-length: 12731
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 167x250, components 3\012- data
Size:   12731
Md5:    5f9748ce3389103cfe13e7f104a26f7f
Sha1:   22836d2b0fabd13250f82bbbcee541c72b0e0fed
Sha256: 2fa63adcf46613cc6879acb25d474695d061b1f701bf72c38899a2781fb689ac
                                        
                                            GET /wp-content/uploads/2018/10/Intimate-Partner-Sexual-Violence-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:17:09 GMT
accept-ranges: bytes
content-length: 13867
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   13867
Md5:    f8d6d602308eb25745de5f3c83c54b37
Sha1:   ec7c2f45990618964000cbeb29f03819681dde2e
Sha256: 56e595d1a4ecf4ddeb7e91af0e209151f97d5a3fa3390914ae0651228b19551c
                                        
                                            GET /wp-content/uploads/2018/10/Voices-of-the-Survivors-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 08 Nov 2018 00:54:46 GMT
accept-ranges: bytes
content-length: 14499
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   14499
Md5:    9248d85911d4f515333130cdf3f528ab
Sha1:   19aaddfd89c992918e23395384d6d9ebe033b931
Sha256: a7b3b1713666b5e623a5e504b7957648969cc5043296ea8ae98c5c5fc668d226
                                        
                                            GET /wp-content/uploads/2018/10/Balancing-the-Scales-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 08 Nov 2018 00:54:46 GMT
accept-ranges: bytes
content-length: 16427
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   16427
Md5:    9da48b8b94f3c425aa171438f7b1dba6
Sha1:   0185290ecbaa758497a4631f041505b5408e1bd6
Sha256: 3fff5897782df95d484c9d2f32fd6524d6602f42580237c32867cb7ade6f4ef0
                                        
                                            GET /wp-content/uploads/2018/10/Women-and-the-Law-in-Australia-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 08 Nov 2018 00:54:46 GMT
accept-ranges: bytes
content-length: 17908
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   17908
Md5:    fe5c6d3e6c19626b87f3be22c5b5c233
Sha1:   30ca6718ed02afa097e2d5934fbec8acbd03032b
Sha256: 0d3462f580196cd1c18f044e807666f06a8385b1596c0af29acc0206ced24b35
                                        
                                            GET /wp-content/uploads/2018/10/Domestic-and-Sexual-Violence-Against-Women-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:15:23 GMT
accept-ranges: bytes
content-length: 10400
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   10400
Md5:    c9dd945e93247eda504536745049cfad
Sha1:   27a7c68eed6ee958a708d8539924c53e5e60d520
Sha256: f972798b5032154b9cdf9128c1c27e91c7cdf16bebd458781d99f9e52729b8bb
                                        
                                            GET /wp-content/uploads/2018/09/rape-law-2-200x300.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 08 Nov 2018 00:54:46 GMT
accept-ranges: bytes
content-length: 13942
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Size:   13942
Md5:    9f128e03c5234a0786fd171e63676eb5
Sha1:   4c1cc24092a610834bc3ac186f0aa1847a3dd4ad
Sha256: 0858a29be2e425ee46747769b9020c7d8f3a5eb6c16ad1172463b04144daf886
                                        
                                            GET /wp-content/uploads/2018/10/spark-80x80.png HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Wed, 31 Oct 2018 03:32:38 GMT
accept-ranges: bytes
content-length: 1287
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   1287
Md5:    5946cf124ce9c8c29417acf43ca43e30
Sha1:   e20ac68ea2a9fa9ebed7bfb38661be6a18dd23a3
Sha256: ee6ca55e8b755b478cf08d2c77f9daeda62c6926b85d4cf022f6ab25a2dda72e
                                        
                                            GET /wp-content/uploads/2018/10/spark-opposite-110x110.png HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Wed, 31 Oct 2018 03:35:32 GMT
accept-ranges: bytes
content-length: 2290
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Size:   2290
Md5:    c60de71fb88b13e0cecc3958ff5813b3
Sha1:   e8cd3cefdd80e7a397f20cdc39ebc9bdd8102403
Sha256: 8868cd5342bb177f78e09914e33f5465cf35608a8f443634d2166de98ee0e806
                                        
                                            GET /wp-content/uploads/2018/09/rape-law-2.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:04:29 GMT
accept-ranges: bytes
content-length: 19368
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 250x382, components 3\012- data
Size:   19368
Md5:    eb23325b2b0810b522cb808b1f9320c1
Sha1:   ffd81b274deab703352f83baf75872cddf4511f2
Sha256: b4b08a4c33145c74ad9602928ae39022ffebd5e867316a6e8fc1355b9d3d70f5
                                        
                                            GET /wp-content/uploads/2018/10/Domestic-and-Sexual-Violence-Against-Women.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:15:23 GMT
accept-ranges: bytes
content-length: 25843
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 432x648, components 3\012- data
Size:   25843
Md5:    14ab17e70826f6b020a344af5b577dd4
Sha1:   4235df021af97ac56d8924c0c35d15750ab9dfeb
Sha256: c429f994500978be6382e143bf5f1f47bed4995fa85059dd1a155e7f3433fb6a
                                        
                                            GET /wp-content/uploads/2018/10/Balancing-the-Scales.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:16:29 GMT
accept-ranges: bytes
content-length: 39510
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 75x75, segment length 16, baseline, precision 8, 359x580, components 3\012- data
Size:   39510
Md5:    a9fc9c9be3b4a12b9a8f0550f00e64f9
Sha1:   8730ee64050d0e5a7d677ce922a28980b5b5b1aa
Sha256: 32e658179f3d8c133d0a5fae9270d0ba0a006af616d1e06817c05ccfe81d606c
                                        
                                            GET /wp-content/uploads/2018/10/Voices-of-the-Survivors.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:16:47 GMT
accept-ranges: bytes
content-length: 27208
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 324x500, components 3\012- data
Size:   27208
Md5:    70e5d1b9397a34d66f4d88df2803ff60
Sha1:   7ee76831a3b8a5446e358b64b8b95d376b542e72
Sha256: fbb5d2e4d7f4aec1ff8409a8fd205de7279eca6ab45ae6e2e1d5924271ad79f5
                                        
                                            GET /wp-content/uploads/2018/10/Intimate-Partner-Sexual-Violence.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:17:09 GMT
accept-ranges: bytes
content-length: 23924
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 332x499, components 3\012- data
Size:   23924
Md5:    d49d8041cecfe288d965cc97d20024a8
Sha1:   c49d407a5714680e383563dad4ae848dac2d8d08
Sha256: ca9da2bc70e1d23c94bb806e5a1b835ec112101f3bcba59bc8ab98a3fb686a5d
                                        
                                            GET /wp-content/uploads/2018/10/Women-and-the-Law-in-Australia.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Fri, 26 Oct 2018 08:16:07 GMT
accept-ranges: bytes
content-length: 91362
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x369, components 3\012- data
Size:   91362
Md5:    48eae6bc4aa1337347702612225fadd3
Sha1:   b26efed6171c17e37e9b4ad977bd04bba98af10f
Sha256: 4fb8ceba0cf5c50040ef103550d36b1b66a232301a012db03852a435b2a5d907
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 23:00:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 23:00:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://legalightbulbs.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:45:19 GMT
expires: Thu, 23 Nov 2023 19:45:19 GMT
cache-control: public, max-age=31536000
age: 98100
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Size:   32900
Md5:    fda3323314d895ae39de612559f6fad9
Sha1:   644dbb14f599920fdc8f8260b6e67bd1f8770e89
Sha256: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://legalightbulbs.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 22801
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://legalightbulbs.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:36:13 GMT
expires: Sat, 18 Nov 2023 23:36:13 GMT
cache-control: public, max-age=31536000
age: 516246
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 29492, version 1.0\012- data
Size:   29492
Md5:    1ef64f017b272dc9baf01a7e6c1f2c30
Sha1:   3a2cc0c846c0c5af065eee0f45edde9c02ec596f
Sha256: 7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
                                        
                                            GET /s/ptserif/v17/EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://legalightbulbs.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:39:54 GMT
expires: Thu, 23 Nov 2023 19:39:54 GMT
cache-control: public, max-age=31536000
age: 98425
last-modified: Wed, 27 Apr 2022 15:44:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 28336, version 1.0\012- data
Size:   28336
Md5:    374fdbd5087f7cc67077f8340b8b4b65
Sha1:   9b6278b5f1365c176148ccd06cd15261251597f9
Sha256: a8b4c3fed174cde914ce1d74e3e97a4c7d17a9d615ba13065e8dc58531a84046
                                        
                                            GET /s/ptserif/v17/EJRTQgYoZZY2vCFuvAFT_r21cg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://legalightbulbs.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:42:01 GMT
expires: Thu, 23 Nov 2023 18:42:01 GMT
cache-control: public, max-age=31536000
age: 101898
last-modified: Wed, 27 Apr 2022 15:38:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 34800, version 1.0\012- data
Size:   34800
Md5:    8d27237f254ec67691c6f4ea906a65d0
Sha1:   4d72c0bcc8f3c777eb244fef4f3a30b72c4ca53b
Sha256: dd6661b8cd544cf84130afd811d872ce216a1f069eef967566a300a7dfb8506e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 23:00:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2018/11/header-header.jpg HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Wed, 07 Nov 2018 04:26:36 GMT
accept-ranges: bytes
content-length: 1269358
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x636, components 3\012- data
Size:   1269358
Md5:    b66ddd9cbbfad7edabf65d61c3781fe1
Sha1:   7b8e1c0c37586f48373577119dd85a16e8ee3d09
Sha256: a83f96712ffc73b063919a8b147f85b45d976f763e71b19d842b9b2e28e9df16
                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://legalightbulbs.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:06:20 GMT
expires: Fri, 24 Nov 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 60839
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size:   12708
Md5:    b4a68b1e743ee317eaaf0bbadd131571
Sha1:   f24f7823d4e3830c7cfa5bcb33733d2897c00f13
Sha256: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://legalightbulbs.com.au
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 47798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Thu, 27 Oct 2022 21:41:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=PT+Serif%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CMontserrat%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 23:00:18 GMT
date: Thu, 24 Nov 2022 23:00:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.1 HTTP/1.1 
Host: legalightbulbs.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://legalightbulbs.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         43.250.142.34
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:00:18 GMT
last-modified: Mon, 23 Nov 2020 00:24:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 81579
date: Thu, 24 Nov 2022 23:00:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing