r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11931
Expires: Wed, 09 Nov 2022 17:14:42 GMT
Date: Wed, 09 Nov 2022 13:55:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2509
Cache-Control: max-age=163022
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:51 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:12:53 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2509
Cache-Control: max-age=163022
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:51 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:12:53 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16163
Expires: Wed, 09 Nov 2022 18:25:14 GMT
Date: Wed, 09 Nov 2022 13:55:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tbaPo9PuzaLbroNvPLIiz8UMOnqPZTL0uhnTu0mKRv4NRjUmVhXYwvGQPlF2H4fOuP5+0pNA/Xo=
x-amz-request-id: 1T1ABSCJRTZE6Q2P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 13:49:00 GMT
age: 411
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
desmondinsurance.com/
199.34.228.79 301 Moved Permanently 240 B IP 199.34.228.79:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c72684d42475114a44c32778c083855e
12f9896d5b10ba48194e33126578b9023dc0a30e
fc9bf1be8eac756d392bad95478f89841abbea8c013526711cf1f8b0f71cf772
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 13:55:51 GMT
Server: Apache
Location: http://www.desmondinsurance.com/
Content-Length: 240
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 13:55:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.desmondinsurance.com/
199.34.228.79 301 Moved Permanently 378 B URL HTTP/1.1 www.desmondinsurance.com/
IP 199.34.228.79:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a12cb2cd02a7af04a84a18fd8ccf1620
1531fed7f50eaa710ac6a4a83990674a713227e0
c2fab158cd1e2c04906796efbdd26db7aff368b48de944bbf5c6c3dbdab53ca5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 13:55:51 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.desmondinsurance.com
Vary: X-W-SSL,User-Agent
Location: https://www.desmondinsurance.com/
X-Host: grn21.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 378
Keep-Alive: timeout=10, max=56
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4962
Cache-Control: max-age=160419
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:52 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:29:31 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6775cfec6209b1ea149fe3a9f21a9445
91e87ac693d638abc6cf997ecb0b596a888e4f1e
4f6f2a28c1c4cbe40839ad8254677cc8e9a44c24d72295c8c39190a2922a5ead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F6F2A28C1C4CBE40839AD8254677CC8E9A44C24D72295C8C39190A2922A5EAD"
Last-Modified: Wed, 09 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Wed, 09 Nov 2022 19:55:27 GMT
Date: Wed, 09 Nov 2022 13:55:52 GMT
Connection: keep-alive
push.services.mozilla.com/
34.217.237.91 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iec0MblPqoEOB2Uph2/YQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OABl1AXzXK4anVvyc/481Fo0qvM=
www.desmondinsurance.com/
199.34.228.79 200 OK 16 kB URL HTTP/1.1 www.desmondinsurance.com/
IP 199.34.228.79:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1350)
Hash 91d00f340bcf3125909171b6e4c15734
21239d57a7c8a2420150c97cc5ecd3565a009fa6
ecd0e62af457c98ce3fd9208f544d1434d42bd987b203ae1ffcd2175450280b3
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 13:55:52 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.desmondinsurance.com
language=en; expires=Wed, 23-Nov-2022 13:55:52 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"d623ea7b57e0ab7cb6ed1ad09da72d3d-gzip"
Content-Encoding: gzip
X-Host: grn107.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16039
Keep-Alive: timeout=10, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/social-icons.css?buildtime=1666376981
151.101.85.46 200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1666376981
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash ac8255fd3aff763f633de26aa635b291
9717c2a03ffe5a9662f8f4e834501160dea56f14
1450f9388d143d7f975c263e9c9728d99cdd07782439dffc564089ee02a74b31
GET /css/social-icons.css?buildtime=1666376981 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 28 Oct 2022 22:29:06 GMT
etag: W/"635c57b2-3319"
expires: Tue, 15 Nov 2022 09:31:27 GMT
cache-control: max-age=1209600
x-host: grn122.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 707066
x-served-by: cache-sjc10044-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 2687, 1
x-timer: S1668002153.939201,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/jquery-1.8.3.min.js
151.101.85.46 200 OK 34 kB URL HTTP/2 cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (65483)
Hash 67a5a77f65f13559b3d723829f2e0108
5e861ec7c2993abffc3591d6132c47bc7cdc3e98
ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:19:10 GMT
etag: "636146fe-16dc4"
expires: Tue, 15 Nov 2022 23:08:13 GMT
cache-control: max-age=1209600
x-host: blu148.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 658059
x-served-by: cache-sjc10038-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 80, 3847
x-timer: S1668002153.939735,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1666376981&
151.101.85.46 200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1666376981&
IP 151.101.85.46:0
File type ASCII text, with very long lines (65024)
Hash 47ecd46fdd9dc84622ce1294541d92ef
7aeda09a697e41f88f4cbad0843d94bb3fdb7a50
ec251328b1cb905ffb368b273ab84ca8cf4f451218ed3412024ab56b48d0fbd0
GET /js/lang/en/stl.js?buildTime=1666376981& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 00:26:34 GMT
etag: "63630aba-2c1b7"
expires: Thu, 17 Nov 2022 14:02:55 GMT
cache-control: max-age=1209600
x-host: blu85.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 517978
x-served-by: cache-sjc10068-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 3508, 30
x-timer: S1668002153.939956,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32708
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1666376981
151.101.85.46 200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1666376981
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1666376981 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 18:50:13 GMT
etag: "63640d65-f47"
expires: Fri, 18 Nov 2022 18:33:01 GMT
cache-control: max-age=1209600
x-host: blu81.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 415371
x-served-by: cache-sjc10079-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 1
x-timer: S1668002153.951150,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1666376981
151.101.85.46 200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1666376981
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1666376981 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 18:50:07 GMT
etag: W/"63640d5f-347ac"
expires: Fri, 18 Nov 2022 18:31:51 GMT
cache-control: max-age=1209600
x-host: blu135.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 415441
x-served-by: cache-sjc10034-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 18, 1
x-timer: S1668002153.947266,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Montserrat/font.css?2
151.101.85.46 200 OK 276 B URL HTTP/2 cdn2.editmysite.com/fonts/Montserrat/font.css?2
IP 151.101.85.46:0
Hash 559eefb63fcae2a3f85471dd3903016a
5e4a9f5b529f2f6d2ee1de511231f856e673066c
09110f0d179c52677e2caf24d4bad70e5d717acb2eff2887ac36dbc1d9583fae
GET /fonts/Montserrat/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 02 Nov 2022 21:12:12 GMT
etag: "6362dd2c-354"
expires: Thu, 17 Nov 2022 18:07:57 GMT
cache-control: max-age=1209600
x-host: blu92.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 503276
x-served-by: cache-sjc10070-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 1575
x-timer: S1668002153.954090,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 276
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Oxygen/font.css?2
151.101.85.46 200 OK 300 B URL HTTP/2 cdn2.editmysite.com/fonts/Oxygen/font.css?2
IP 151.101.85.46:0
Hash d3c0d97dc17b2ee024290947c6f71701
ac0e49c22fdb1bca33ef11e51de3c906d15a64ae
5230984dfc2031040d2f6e821e2b9f777b80a64dbb207a0d57bd556b521d2331
GET /fonts/Oxygen/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 24 Oct 2022 20:02:15 GMT
etag: "6356ef47-4f0"
expires: Thu, 10 Nov 2022 09:35:56 GMT
cache-control: max-age=1209600
x-host: grn141.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 1138796
x-served-by: cache-sjc10021-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 5688, 1
x-timer: S1668002153.962191,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 300
X-Firefox-Spdy: h2
www.desmondinsurance.com/files/main_style.css?1666619705
199.34.228.79 200 OK 6.0 kB URL HTTP/1.1 www.desmondinsurance.com/files/main_style.css?1666619705
IP 199.34.228.79:0
File type ASCII text, with very long lines (850)
Hash a93fb4be1c0b0568b34eaedf18b51166
d0a5cdd35eef69640be727a7a714b840b79454a0
4d62b992ec13c0d037dd1adc5dde861664e602d3dde582a12cf46d49a94c3123
Analyzer Verdict Alert fortinet Phishing
GET /files/main_style.css?1666619705 HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn110.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.21.226:0
Hash a97682cff9b9c998a42199441d916735
7eceabd0f22e91b370095ff7d0b2a245f1f1f319
12dc64282cc7b51f4503728f35b8705f3393a018460ffdae5e391a8dba6e3ecb
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "315EEDE235FBC0E337623FFB3FFEBF1F8961AC85"
Expires: Thu, 10 Nov 2022 01:00:00 GMT
Last-Modified: Wed, 09 Nov 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 540
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76770c70c9110b59-OSL
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123 200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Wed, 09 Nov 2022 13:55:53 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-109125885-11
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-109125885-11
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash de1a0f7cec201d4b0e087d95595c546a
05e851d5087374e4db4ce13115130d805277da13
97f1687319c1034f97417052872a2c99acdf0e3a83a1f93912b6f2701194e13e
GET /gtag/js?id=UA-109125885-11 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 13:55:53 GMT
expires: Wed, 09 Nov 2022 13:55:53 GMT
cache-control: private, max-age=900
last-modified: Wed, 09 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desmondinsurance.com/files/theme/mobile.js?1509381796
199.34.228.79 200 OK 3.1 kB URL HTTP/1.1 www.desmondinsurance.com/files/theme/mobile.js?1509381796
IP 199.34.228.79:0
Hash e40ff88ad90d55d689bab21f4f9a3fcc
192d3dcd1f0b21e463119af538ab865a3aef4e31
f18f7ffce8a69a63c008a209cd796a013f42a6785d91f92789058297ed87c55f
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/mobile.js?1509381796 HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 13 Dec 2020 04:31:48 GMT
x-rgw-object-type: Normal
ETag: W/"6f81cbd9f6b4376c27c4cf99f685da19"
x-amz-request-id: tx000000000000001c8daab-0062848e54-b9fbc64-sfo1
X-Storage-Bucket: z3a01
X-Storage-Object: 3a01a626ae8f90c3e5ccc1ff570a42f7431c0a636c21751f5bd99d54151e66c3
X-Host: grn133.sf2p.intern.weebly.net
Content-Encoding: gzip
www.desmondinsurance.com/files/templateArtifacts.js?1666619705
199.34.228.79 200 OK 1.6 kB URL HTTP/1.1 www.desmondinsurance.com/files/templateArtifacts.js?1666619705
IP 199.34.228.79:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Phishing
GET /files/templateArtifacts.js?1666619705 HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu123.sf2p.intern.weebly.net
Content-Encoding: gzip
www.desmondinsurance.com/files/theme/custom.js?1509381796
199.34.228.79 200 OK 3.4 kB URL HTTP/1.1 www.desmondinsurance.com/files/theme/custom.js?1509381796
IP 199.34.228.79:0
Hash c4f42d70ba60fd9c54a3c69cc67a0e09
586c4e2713a4d1f492e82590fd84be06cddff523
7a0e8e02cc5e369756ad45a31321144e9dc707796476d32616caf6c5f76e35dc
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/custom.js?1509381796 HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: application/javascript
Content-Length: 3417
Connection: keep-alive
Last-Modified: Sat, 17 Jul 2021 22:29:27 GMT
x-rgw-object-type: Normal
ETag: "c4f42d70ba60fd9c54a3c69cc67a0e09"
x-amz-request-id: tx0000000000000011baa1d-0061a7607d-a9f6a62-sfo1
X-Storage-Bucket: z7a0e
X-Storage-Object: 7a0e8e02cc5e369756ad45a31321144e9dc707796476d32616caf6c5f76e35dc
X-Host: blu76.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16917
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 13:55:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16917
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 13:55:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 58342
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86ec3f22045de1a100eccf27d91593ae
e26769d82108f89057b05096061f1276d34e223a
b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 730ec36d-2d1d-4a0f-90c8-dd819811bdd1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM39VEZkIAMF7lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636839ee-6e75e34c64d489ca25765e67;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:49:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: R2JUiJdMAsIbCHDmMMHyN0sKaVBZMDRh2WOfBPUWZpnMBVOcI40Y3w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 11:14:53 GMT
age: 9660
etag: "e26769d82108f89057b05096061f1276d34e223a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1666376981
151.101.85.46 200 OK 10 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1666376981
IP 151.101.85.46:0
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /js/site/main-customer-accounts-site.js?buildTime=1666376981 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 18:50:30 GMT
etag: "63640d76-8250f"
expires: Mon, 21 Nov 2022 13:33:49 GMT
cache-control: max-age=1209600
x-host: blu145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 174123
x-served-by: cache-sjc10041-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 1649, 1
x-timer: S1668002153.945660,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158930
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5sq7XRYInS334VVDEtCJNlf_O9FTHn2G4u-WAIygFZ-SALN0flMwew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:14 GMT
age: 57219
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:49:16 GMT
age: 57997
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11ef1d34ac2d42662fe53fc58c882fdf
16f1e048895ed1ee0c0c071e3939e741113e4969
61c42bae12654cf9bd1e7ca0f616164ff4139dc470fb6c1033176374444d6bda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6272
x-amzn-requestid: 7287a2fe-853d-497f-a63e-1d521dd5326e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3dSGEIIAMF7Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2bb-4c6803ad2d4ea46e68abd386;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HorGiakcVRB2pttVHMwYarPgVp3mK2Fk1uf5dagcCPOWw184ZD4A8A==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:37:53 GMT
age: 15480
etag: "16f1e048895ed1ee0c0c071e3939e741113e4969"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.desmondinsurance.com/uploads/1/1/3/9/113931905/editor/iiaba.png?1509372540
199.34.228.79 200 OK 5.2 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/editor/iiaba.png?1509372540
IP 199.34.228.79:0
File type PNG image data, 127 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash 61aeac1898558ecb028552853d71a17d
4427ec20e227ea009e5b3c9fa4e1322be02c5722
0a8f725e5d63bffa71ca5801a0f0a31e4b539029b2251e3bc11c128c719b95b6
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/1/3/9/113931905/editor/iiaba.png?1509372540 HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: image/png
Content-Length: 5155
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:53:28 GMT
x-rgw-object-type: Normal
ETag: "61aeac1898558ecb028552853d71a17d"
x-amz-request-id: tx0000000000000214e37b7-006357650d-c695612-sfo1
X-Storage-Bucket: z0a8f
X-Storage-Object: 0a8f725e5d63bffa71ca5801a0f0a31e4b539029b2251e3bc11c128c719b95b6
X-Host: blu111.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/iiak_orig.png
199.34.228.79 200 OK 5.0 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/iiak_orig.png
IP 199.34.228.79:0
File type PNG image data, 264 x 73, 8-bit colormap, non-interlaced\012- data
Hash 6dd1179f3cdb5caf2f45b61a3992fb14
4ffc2a70a463a0d08df234ab1700904262cb1fe3
fcfaf5cd6cb06e82ab6cc4dc0746087f33d08b4ad863a1361e6e372bffcfa0ce
GET /uploads/1/1/3/9/113931905/iiak_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: image/png
Content-Length: 5022
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:49:17 GMT
x-rgw-object-type: Normal
ETag: "6dd1179f3cdb5caf2f45b61a3992fb14"
x-amz-request-id: tx0000000000000221b22f2-00635912c2-c669cc6-sfo1
X-Storage-Bucket: zfcfa
X-Storage-Object: fcfaf5cd6cb06e82ab6cc4dc0746087f33d08b4ad863a1361e6e372bffcfa0ce
X-Host: blu28.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/files/theme/plugins.js
199.34.228.79 200 OK 19 kB URL HTTP/1.1 www.desmondinsurance.com/files/theme/plugins.js
IP 199.34.228.79:0
Hash 80b977ddf918a1ff63f2350225772ca6
6fbc6b952295c565f67ea251eeb7a4c0cccd1c6a
ca0e7374161e8f72ba8d049e4392e8785c6038763b1cba40726d15a87557d38d
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/plugins.js HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Apr 2022 08:42:51 GMT
x-rgw-object-type: Normal
ETag: W/"4cf5477130f7311a5f0af1ecaf425ee4"
x-amz-request-id: tx000000000000001ba6869-006284804f-b9fbc64-sfo1
X-Storage-Bucket: zb83c
X-Storage-Object: b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
X-Host: blu69.sf2p.intern.weebly.net
Content-Encoding: gzip
www.desmondinsurance.com/uploads/1/1/3/9/113931905/8345463_2.jpg
199.34.228.79 200 OK 12 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/8345463_2.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x287, components 3\012- data
Hash 2c0b03b4be65d24196c025b174ac0224
5df08617ee9b8d1b58eece2a3c5d328c018106b1
23b80991a4d7de95cfb9ef99dab821fea0c74ccd3da8c4f626559580c70caba4
GET /uploads/1/1/3/9/113931905/8345463_2.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: image/jpeg
Content-Length: 12273
Connection: keep-alive
Last-Modified: Wed, 02 Jan 2019 16:06:39 GMT
x-rgw-object-type: Normal
ETag: "2c0b03b4be65d24196c025b174ac0224"
x-amz-request-id: tx000000000000014f44d67-00634411c8-c67eadd-sfo1
X-Storage-Bucket: z23b8
X-Storage-Object: 23b80991a4d7de95cfb9ef99dab821fea0c74ccd3da8c4f626559580c70caba4
X-Host: grn110.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/desmond-logo-revised.jpg
199.34.228.79 200 OK 14 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/desmond-logo-revised.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 439x100, components 3\012- data
Hash d6683c0302462dfa84c5a51527a0cbbd
720d090f16818e171babf7c9ef7ecbd2f779dad6
3cef59490999b9f9a56a93013a1a32699d79f6a34993b63616cc1a731c906a7e
GET /uploads/1/1/3/9/113931905/desmond-logo-revised.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: image/jpeg
Content-Length: 14253
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:49:23 GMT
x-rgw-object-type: Normal
ETag: "d6683c0302462dfa84c5a51527a0cbbd"
x-amz-request-id: tx00000000000000204a006-006284cc30-b9fbc64-sfo1
X-Storage-Bucket: z3cef
X-Storage-Object: 3cef59490999b9f9a56a93013a1a32699d79f6a34993b63616cc1a731c906a7e
X-Host: blu48.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desmondinsurance.com/uploads/1/1/3/9/113931905/bbb_1_orig.png
199.34.228.79 200 OK 29 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/bbb_1_orig.png
IP 199.34.228.79:0
File type PNG image data, 640 x 242, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f3168048af639b070360f3e79aa6f0c
afeddce8f46caa2958060f86c2a7cc4c1f48fba4
78f5f0de52c8c5cc0edf9fcf8b59dd92d796194b75337568d3409344670b4769
GET /uploads/1/1/3/9/113931905/bbb_1_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: image/png
Content-Length: 28648
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:48:57 GMT
x-rgw-object-type: Normal
ETag: "0f3168048af639b070360f3e79aa6f0c"
x-amz-request-id: tx000000000000020861093-006357eeba-c67eadd-sfo1
X-Storage-Bucket: z78f5
X-Storage-Object: 78f5f0de52c8c5cc0edf9fcf8b59dd92d796194b75337568d3409344670b4769
X-Host: blu90.sf2p.intern.weebly.net
Accept-Ranges: bytes
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123 200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 09 Nov 2022 13:55:54 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.desmondinsurance.com/uploads/1/1/3/9/113931905/bus2_orig.png
199.34.228.79 200 OK 2.8 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/bus2_orig.png
IP 199.34.228.79:0
File type PNG image data, 172 x 144, 8-bit colormap, non-interlaced\012- data
Hash 49a7f640a79be07093be095935e5afd6
0ae3959fa3ce6ed07e377fb94b3a74c4358304cb
3c8fef862b5e5372774e5522ae16522f30138a9bbd9d9176420c4a62d04101c1
GET /uploads/1/1/3/9/113931905/bus2_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 2765
Connection: keep-alive
Last-Modified: Mon, 29 Oct 2018 21:01:31 GMT
x-rgw-object-type: Normal
ETag: "49a7f640a79be07093be095935e5afd6"
x-amz-request-id: tx00000000000000d03a620-006295045d-b9fbc77-sfo1
X-Storage-Bucket: z3c8f
X-Storage-Object: 3c8fef862b5e5372774e5522ae16522f30138a9bbd9d9176420c4a62d04101c1
X-Host: grn66.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/22446426.jpg
199.34.228.79 200 OK 8.8 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/22446426.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1152x648, components 3\012- data
Hash 26ddfedbc48db2ea564d465ee46c63b1
bf5286079b1382fa6dabb39058ce0bb5ad5d97af
59f0d7dd86d16c3e36cc0926a2217a062751bfbf8cb69700b36b253499dd9bec
GET /uploads/1/1/3/9/113931905/background-images/22446426.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/jpeg
Content-Length: 8769
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:51:34 GMT
x-rgw-object-type: Normal
ETag: "26ddfedbc48db2ea564d465ee46c63b1"
x-amz-request-id: tx00000000000002c65dbb3-00636b320d-c67eadd-sfo1
X-Storage-Bucket: z59f0
X-Storage-Object: 59f0d7dd86d16c3e36cc0926a2217a062751bfbf8cb69700b36b253499dd9bec
X-Host: grn79.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 66fde01bec5f0fbe674692ca9f16c958
c6d61e93e8cb222b7fa1a8edbcde20f4f95cb067
b750530cd3f9d9d16a572e89fab5d581567fd0d0e17fa8bcfc5f222ce2bd04e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6571
Cache-Control: max-age=87514
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:54 GMT
Etag: "636a4a99-1d7"
Expires: Thu, 10 Nov 2022 14:14:28 GMT
Last-Modified: Tue, 08 Nov 2022 12:24:57 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3096.0453364614095!2d-84.4871726846435!3d39.10543797953901!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xc445bfb6589dacd8!2sDesmond+Insurance!5e0!3m2!1sen!2sph!4v1543918593111
142.250.74.164 200 OK 1.7 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3096.0453364614095!2d-84.4871726846435!3d39.10543797953901!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xc445bfb6589dacd8!2sDesmond+Insurance!5e0!3m2!1sen!2sph!4v1543918593111
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3363)
Hash f38ddbd5eb873d86131c2f8e5c8b2d4a
58f235553aa2a097e9eb8a904ab02db48fc17aa9
ceee39ab027dd782d7e88bc9a4e88c9029fa03646101d3817f5a54347ca71fe5
GET /maps/embed?pb=!1m18!1m12!1m3!1d3096.0453364614095!2d-84.4871726846435!3d39.10543797953901!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xc445bfb6589dacd8!2sDesmond+Insurance!5e0!3m2!1sen!2sph!4v1543918593111 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 09 Nov 2022 13:55:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1VpqgcaUVKDQ7I4x1okD2w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1681
x-xss-protection: 0
server-timing: gfet4t7; dur=162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?_=1668002150747
142.250.74.164 200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1668002150747
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash d28d984f39b355bcd90fe9981627ebe8
d88dfa6c97c64015900132845da36b028c90f98d
4b4f811bbc74311f8f6ae9180029819d9673200d06045fd58a11164bfdac5560
GET /recaptcha/api.js?_=1668002150747 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Wed, 09 Nov 2022 13:55:54 GMT
date: Wed, 09 Nov 2022 13:55:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 09ff1a4ea435f4f77edbb4cadba037fe
df058b912347a1cbed7d705193e419842776347a
61545e665f77e9e58aa1e11ba746f9cbca04d10680ac8cda1cb75de716844f37
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146104
Date: Wed, 09 Nov 2022 13:55:54 GMT
Etag: "636b4922-1d7"
Expires: Fri, 11 Nov 2022 06:30:58 GMT
Last-Modified: Wed, 09 Nov 2022 06:30:58 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZYr5K1psQwGeYeLgh9_onOeyLGaxmT_YbW1ykO44M2T0dTAAb5k-_w==
platform.reviewmgr.com/widgets.js
54.230.111.26 200 OK 9.7 kB URL HTTP/1.1 platform.reviewmgr.com/widgets.js
IP 54.230.111.26:0
File type Unicode text, UTF-8 text, with very long lines (10162)
Hash 5f0f50db205fbca9b542758b10a6df89
e45296319d24fd24e315bec8cd04426156018f04
11536ce83edb8aeb294c786ce0c0653bec0a136e7f292619aec9dba1031db203
GET /widgets.js HTTP/1.1
Host: platform.reviewmgr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 9670
Connection: keep-alive
Date: Wed, 09 Nov 2022 13:31:07 GMT
Last-Modified: Wed, 09 Nov 2022 13:30:53 GMT
ETag: "5f0f50db205fbca9b542758b10a6df89"
Cache-Control: max-age=3600
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sBAt9EsHxewDHjKwQl6aJctoHm7xbeZPw7NQflkQEx-cDZnlkXQF0w==
Age: 1488
www.desmondinsurance.com/uploads/1/1/3/9/113931905/auto_orig.png
199.34.228.79 200 OK 2.7 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/auto_orig.png
IP 199.34.228.79:0
File type PNG image data, 172 x 144, 8-bit colormap, non-interlaced\012- data
Hash 40f86b75f27dcb6776ab0501893953e4
0ccb78a0a80e194bd3ac98b56a04c64f838ba746
8e823c1d52c42b894d545eec8554f2e021cdf5f9239527c12b8b36c720580e83
GET /uploads/1/1/3/9/113931905/auto_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 2671
Connection: keep-alive
Last-Modified: Fri, 07 Dec 2018 20:50:12 GMT
x-rgw-object-type: Normal
ETag: "40f86b75f27dcb6776ab0501893953e4"
x-amz-request-id: tx000000000000001f567d7-006284c223-b9fbc20-sfo1
X-Storage-Bucket: z8e82
X-Storage-Object: 8e823c1d52c42b894d545eec8554f2e021cdf5f9239527c12b8b36c720580e83
X-Host: blu111.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/home_orig.png
199.34.228.79 200 OK 1.9 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/home_orig.png
IP 199.34.228.79:0
File type PNG image data, 172 x 144, 8-bit colormap, non-interlaced\012- data
Hash 6ff7f13d685a1d2377616b2af7552885
205ef23052bdae0a23fbcc2f4a755c9aec4b7b5e
f30c55d57a68832ff18cc5c1816c15dd60ac871f6b4eafa3877ebb846ec2c7f5
GET /uploads/1/1/3/9/113931905/home_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 1878
Connection: keep-alive
Last-Modified: Fri, 07 Dec 2018 20:50:12 GMT
x-rgw-object-type: Normal
ETag: "6ff7f13d685a1d2377616b2af7552885"
x-amz-request-id: tx000000000000001afbc29-0062847885-b9fbc7f-sfo1
X-Storage-Bucket: zf30c
X-Storage-Object: f30c55d57a68832ff18cc5c1816c15dd60ac871f6b4eafa3877ebb846ec2c7f5
X-Host: blu28.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/nfib_orig.png
199.34.228.79 200 OK 1.9 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/nfib_orig.png
IP 199.34.228.79:0
File type PNG image data, 315 x 152, 8-bit colormap, non-interlaced\012- data
Hash fd457e22d581f39be9b5326972875de7
f9f9fc5d8217ca85edb4f9597d0f09c0799670b1
5559a46b30711be0c476f85dfc162101c8de13aa8ee37b9bffdbf2f41e8eea23
GET /uploads/1/1/3/9/113931905/nfib_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 1912
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:48:31 GMT
x-rgw-object-type: Normal
ETag: "fd457e22d581f39be9b5326972875de7"
x-amz-request-id: tx000000000000022224f7c-00635934e7-c699baa-sfo1
X-Storage-Bucket: z5559
X-Storage-Object: 5559a46b30711be0c476f85dfc162101c8de13aa8ee37b9bffdbf2f41e8eea23
X-Host: blu90.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/1927159403.jpg
199.34.228.79 200 OK 98 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/1927159403.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x476, components 3\012- data
Hash 378df735ed2de3020f689256cdbb59ff
1fd8efb5ab8e9dd69525badf73896a1c443dafb7
a68d838348ca3c9e1cce14f04fd44678c879a6733d6175d81d3f7e7ed799f179
GET /uploads/1/1/3/9/113931905/background-images/1927159403.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:53 GMT
Content-Type: image/jpeg
Content-Length: 98264
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:52:02 GMT
x-rgw-object-type: Normal
ETag: "378df735ed2de3020f689256cdbb59ff"
x-amz-request-id: tx00000000000002526cfd1-00635e9619-c699baa-sfo1
X-Storage-Bucket: za68d
X-Storage-Object: a68d838348ca3c9e1cce14f04fd44678c879a6733d6175d81d3f7e7ed799f179
X-Host: grn133.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/other_1_orig.png
199.34.228.79 200 OK 1.8 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/other_1_orig.png
IP 199.34.228.79:0
File type PNG image data, 172 x 144, 8-bit colormap, non-interlaced\012- data
Hash 604b3436959f6746d33cebd37a73f321
2a977e0138e60815f9942559706471cc48d5739e
b99b250bb71ae42e64a9610fd3c9df3c77864eb2a1dbcddcefc7deada55e233a
GET /uploads/1/1/3/9/113931905/other_1_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 1768
Connection: keep-alive
Last-Modified: Fri, 30 Nov 2018 17:16:38 GMT
x-rgw-object-type: Normal
ETag: "604b3436959f6746d33cebd37a73f321"
x-amz-request-id: tx000000000000001e65ff7-006284b218-b9fbc20-sfo1
X-Storage-Bucket: zb99b
X-Storage-Object: b99b250bb71ae42e64a9610fd3c9df3c77864eb2a1dbcddcefc7deada55e233a
X-Host: grn110.sf2p.intern.weebly.net
Accept-Ranges: bytes
static.reviewmgr.com/assets/loading_84px_bgFFFFFF.gif?v=20160521
54.230.111.36 200 OK 27 kB URL HTTP/1.1 static.reviewmgr.com/assets/loading_84px_bgFFFFFF.gif?v=20160521
IP 54.230.111.36:0
File type GIF image data, version 89a, 84 x 84\012- data
Hash 37f28050547e585f7484843697635734
426aad930f86657bc1e307d0b12b9b5f768e275d
1874a65faf037361ebbaf2e390b5c2f72e60331a30bae1b0a53f8d9399ca7d52
GET /assets/loading_84px_bgFFFFFF.gif?v=20160521 HTTP/1.1
Host: static.reviewmgr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 26582
Connection: keep-alive
Last-Modified: Tue, 01 Dec 2020 16:25:28 GMT
Via: 1.1 vegur, 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
CF-Cache-Status: HIT
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 766b1e635d72bbfb-FRA
Date: Tue, 08 Nov 2022 20:49:24 GMT
Cache-Control: public, max-age=86400
Expires: Wed, 09 Nov 2022 20:49:24 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YSSWaNc4VbJmLmw_uepmMA0bgXEx7hBPQhFXQ-Ym1k2AWMWR2eK4lw==
Age: 61590
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/1497620583.jpg
199.34.228.79 200 OK 111 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/1497620583.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Mario Habenbacher], progressive, precision 8, 2280x1667, components 3\012- data
Size 111 kB (110704 bytes)
Hash f3a886f9ebc837200b09e7b333d26c55
4aceb9a8c6b35d609b6ed48740769ff6778c344d
5ad0382f5822ce4574fde5799c9cd8ab11c123ce21dd16a4b7e4893fe3f59197
GET /uploads/1/1/3/9/113931905/background-images/1497620583.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/jpeg
Content-Length: 110704
Connection: keep-alive
Last-Modified: Mon, 29 Oct 2018 14:16:12 GMT
x-rgw-object-type: Normal
ETag: "f3a886f9ebc837200b09e7b333d26c55"
x-amz-request-id: tx000000000000001d44ca6-006284a256-b9fbc77-sfo1
X-Storage-Bucket: z5ad0
X-Storage-Object: 5ad0382f5822ce4574fde5799c9cd8ab11c123ce21dd16a4b7e4893fe3f59197
X-Host: blu90.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=487597266147821972&ineditor=0&control=3&width=auto&height=150px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=7&long=-84.4849835&lat=39.10543759999999&domain=www&point=1&align=1&reseller=true
74.115.50.110 302 Found 0 B URL HTTP/1.1 www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=487597266147821972&ineditor=0&control=3&width=auto&height=150px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=7&long=-84.4849835&lat=39.10543759999999&domain=www&point=1&align=1&reseller=true
IP 74.115.50.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /weebly/apps/generateMap.php?map=google&elementid=487597266147821972&ineditor=0&control=3&width=auto&height=150px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=7&long=-84.4849835&lat=39.10543759999999&domain=www&point=1&align=1&reseller=true HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 09 Nov 2022 13:55:54 GMT
Server: Apache
Location: https://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=487597266147821972&ineditor=0&control=3&width=auto&height=150px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=7&long=-84.4849835&lat=39.10543759999999&domain=www&point=1&align=1&reseller=true
X-Host: blu56.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-editor=IIGLBNAK; Domain=weebly.com; Path=/
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=ph&callback=onApiLoad
142.250.74.138 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=ph&callback=onApiLoad
IP 142.250.74.138:0
File type ASCII text, with very long lines (2475)
Hash e7baa70e9f500edcedcd05987fbc27b7
137cd196c8d64d4f707408d870406a32529c3fc6
0c4236a93def90bf3fc2bbdabe0af6261c866db48d61aca5e7079654f98d457d
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=ph&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 09 Nov 2022 13:55:54 GMT
expires: Wed, 09 Nov 2022 14:25:54 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56284
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=15
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.desmondinsurance.com/uploads/1/1/3/9/113931905/____8760432.jpg
199.34.228.79 200 OK 12 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/____8760432.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x287, components 3\012- data
Hash 7064e1cadc0b94e3c2bfbc654ac73ab8
150625b3259eaf55d4863ac4c1fbc8373f761cad
5f9e3ab9c333de99304e465a57f47d284c702d22666be7bd1044b92f135fb31d
GET /uploads/1/1/3/9/113931905/____8760432.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/jpeg
Content-Length: 11856
Connection: keep-alive
Last-Modified: Mon, 29 Oct 2018 12:48:04 GMT
x-rgw-object-type: Normal
ETag: "7064e1cadc0b94e3c2bfbc654ac73ab8"
x-amz-request-id: tx0000000000000232bed88-00635c8a0d-c6aed46-sfo1
X-Storage-Bucket: z5f9e
X-Storage-Object: 5f9e3ab9c333de99304e465a57f47d284c702d22666be7bd1044b92f135fb31d
X-Host: grn133.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desmondinsurance.com/uploads/1/1/3/9/113931905/editor/18157492-10154298924546396-6660712458551094572-n_1.jpg?1646071388
199.34.228.79 200 OK 22 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/editor/18157492-10154298924546396-6660712458551094572-n_1.jpg?1646071388
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 294x294, components 3\012- data
Hash c8c9426bb65c33d7d95380f724de6027
d649adca681bb6f789ab7ddee02943bd0963327a
f091c2a6dba384ca28fc8ea55678137b276297a08bea63cff20cc6a019755580
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/1/3/9/113931905/editor/18157492-10154298924546396-6660712458551094572-n_1.jpg?1646071388 HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/jpeg
Content-Length: 22294
Connection: keep-alive
Last-Modified: Mon, 28 Feb 2022 18:03:08 GMT
x-rgw-object-type: Normal
ETag: "c8c9426bb65c33d7d95380f724de6027"
x-amz-request-id: tx000000000000015d7f70d-0063442f15-c696eea-sfo1
X-Storage-Bucket: zf091
X-Storage-Object: f091c2a6dba384ca28fc8ea55678137b276297a08bea63cff20cc6a019755580
X-Host: blu69.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/50/12a/init_embed.js
142.250.74.163 200 OK 68 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/12a/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash 33fed333a55580b5c13fb891bf0e0343
7566dff90bb8035abcced956615eadbc6ebcf4a9
70386264b35cd6ef3b68f7e6c568197388d1140bb4e8e2cdd6d44fdfb0c00a2a
GET /maps-api-v3/embed/js/50/12a/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 18:26:33 GMT
expires: Tue, 07 Nov 2023 18:26:33 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Nov 2022 20:13:38 GMT
content-type: text/javascript
age: 156561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.desmondinsurance.com/uploads/1/1/3/9/113931905/tc-horizontal-logo-black-blue-2_orig.png
199.34.228.79 200 OK 24 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/tc-horizontal-logo-black-blue-2_orig.png
IP 199.34.228.79:0
File type PNG image data, 1100 x 463, 8-bit colormap, non-interlaced\012- data
Hash bde7d65b6ffc1333683f430c6fff8bca
5bce95cbb2870034d5c57ebbbaff67a94d9ae764
2fa97baf7ebd10b02347019eaaf2912b5205919341b9970be510f04c54e9ba97
GET /uploads/1/1/3/9/113931905/tc-horizontal-logo-black-blue-2_orig.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 23948
Connection: keep-alive
Last-Modified: Sat, 09 Feb 2019 20:47:37 GMT
x-rgw-object-type: Normal
ETag: "bde7d65b6ffc1333683f430c6fff8bca"
x-amz-request-id: tx00000000000001c1ccb78-0063500d39-c67eadd-sfo1
X-Storage-Bucket: z2fa9
X-Storage-Object: 2fa97baf7ebd10b02347019eaaf2912b5205919341b9970be510f04c54e9ba97
X-Host: grn61.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.79 200 OK 402 kB URL HTTP/1.1 www.desmondinsurance.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.79:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 402 kB (401725 bytes)
Hash 53212a0e8520c79c5054b230eab8df58
32007865ceb76edcd150cecbd05c1393492e5fc8
f2f018611e1dbbce81346a9c3046de7c3e6cbad599cf0f8c3238d5e9c7171425
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.desmondinsurance.com
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en; __atuvc=1%7C45; __atuvs=636bb165aea06b89000; _snow_ses.adce=*; _snow_id.adce=69c4668f-f5a5-4ec9-b210-b40d421acf13.1668002151.1.1668002151.1668002151.008ce223-acf0-44e9-b2f8-5ad67929a161
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 13:55:54 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn66.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desmondinsurance.com/uploads/1/1/3/9/113931905/grange_7.png
199.34.228.79 200 OK 37 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/grange_7.png
IP 199.34.228.79:0
File type PNG image data, 400 x 287, 8-bit/color RGB, non-interlaced\012- data
Hash 94fd08b24fe2f3a90ff7d01d8d19f124
147f37cbcd7d1512d33a040264407a4bed0ca4f1
04ab343916d0b2c53a2c979fabacc7143fab124b164aaa21ef5e73dff0773331
GET /uploads/1/1/3/9/113931905/grange_7.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 37397
Connection: keep-alive
Last-Modified: Mon, 05 Nov 2018 14:13:21 GMT
x-rgw-object-type: Normal
ETag: "94fd08b24fe2f3a90ff7d01d8d19f124"
x-amz-request-id: tx0000000000000183ecdbd-0062a708de-b9fbc63-sfo1
X-Storage-Bucket: z04ab
X-Storage-Object: 04ab343916d0b2c53a2c979fabacc7143fab124b164aaa21ef5e73dff0773331
X-Host: blu72.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash ef48ee833c9a13036e5b84f00f9e7856
9997abe4a008ec6e6f785a2e5258a2642caaf791
3ccde4327fc997eac3e151c8cb5344edf2589e5a80033acaa74e296bd863f880
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102396
Date: Wed, 09 Nov 2022 13:55:54 GMT
Etag: "636a9525-1d7"
Expires: Thu, 10 Nov 2022 18:22:30 GMT
Last-Modified: Tue, 08 Nov 2022 17:43:01 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wV2s9dFaHd2CBsIWLa2e3pI0NLGLI7vA4SykYsd-tBJs8-1ykc6PCg==
Age: 2369
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash ef48ee833c9a13036e5b84f00f9e7856
9997abe4a008ec6e6f785a2e5258a2642caaf791
3ccde4327fc997eac3e151c8cb5344edf2589e5a80033acaa74e296bd863f880
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105163
Date: Wed, 09 Nov 2022 13:55:54 GMT
Etag: "636a9525-1d7"
Expires: Thu, 10 Nov 2022 19:08:37 GMT
Last-Modified: Tue, 08 Nov 2022 17:43:01 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3FRT47kZkNzbBQDO690VuiU9X71HmaLrp2vDn3l88qd2QRJTALqMZQ==
Age: 5136
www.desmondinsurance.com/uploads/1/1/3/9/113931905/editor/22491850-10154758242876396-8036577088807904014-n_1.jpeg?1509380158
199.34.228.79 200 OK 81 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/editor/22491850-10154758242876396-8036577088807904014-n_1.jpeg?1509380158
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 912x561, components 3\012- data
Hash a086bc9985cb40d6262c72482ea18a98
84f8616c848925fb7f74fab407cca0787292d995
18e7ccfb17d1a934831d6f69f1af683116fbe1c10afd9ce968351632793a2e36
GET /uploads/1/1/3/9/113931905/editor/22491850-10154758242876396-8036577088807904014-n_1.jpeg?1509380158 HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/jpeg
Content-Length: 80687
Connection: keep-alive
Last-Modified: Mon, 08 Oct 2018 16:53:31 GMT
x-rgw-object-type: Normal
ETag: "a086bc9985cb40d6262c72482ea18a98"
x-amz-request-id: tx00000000000001b3ccf95-00634d5c8e-c696eea-sfo1
X-Storage-Bucket: z18e7
X-Storage-Object: 18e7ccfb17d1a934831d6f69f1af683116fbe1c10afd9ce968351632793a2e36
X-Host: grn43.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.desmondinsurance.com/uploads/1/1/3/9/113931905/westfield-insurance_7.png
199.34.228.79 200 OK 23 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/westfield-insurance_7.png
IP 199.34.228.79:0
File type PNG image data, 400 x 287, 8-bit/color RGB, non-interlaced\012- data
Hash bad2a2db0870ef969e9fa48985d68503
49b17ab3129d704e80ec877254cdd4bf0b511045
f597fc98b4ea2be1a2fca99638ca3f7ec1f85a352b528b1b54ffa858969197c0
GET /uploads/1/1/3/9/113931905/westfield-insurance_7.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 22941
Connection: keep-alive
Last-Modified: Wed, 13 Mar 2019 14:51:17 GMT
x-rgw-object-type: Normal
ETag: "bad2a2db0870ef969e9fa48985d68503"
x-amz-request-id: tx000000000000020efab23-006357028d-c669cc6-sfo1
X-Storage-Bucket: zf597
X-Storage-Object: f597fc98b4ea2be1a2fca99638ca3f7ec1f85a352b528b1b54ffa858969197c0
X-Host: blu78.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9d11f715d650274f5b1fe3f7a55ef7ad
155dd6f3b1703d0c530e7cdcc6f654651f229983
ccf60b19181d6848d01a6f95a6fb76dd4f986f964755612ba563da2d6d5f3f6d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1422
Cache-Control: max-age=125532
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:54 GMT
Etag: "636af338-1d7"
Expires: Fri, 11 Nov 2022 00:48:06 GMT
Last-Modified: Wed, 09 Nov 2022 00:24:24 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 471
www.desmondinsurance.com/uploads/1/1/3/9/113931905/8349062_2.jpg
199.34.228.79 200 OK 9.2 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/8349062_2.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x287, components 3\012- data
Hash 7387b305e93d301beccc08ca5f094429
c6cb92e8db83dd1b19dca937cdcb61d9006b051c
e52e06cb5e4ab0642d5a8a519fa466a59ab17879f08a5caf0be6bd9000ba1e32
GET /uploads/1/1/3/9/113931905/8349062_2.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/jpeg
Content-Length: 9237
Connection: keep-alive
Last-Modified: Mon, 19 Nov 2018 19:29:15 GMT
x-rgw-object-type: Normal
ETag: "7387b305e93d301beccc08ca5f094429"
x-amz-request-id: tx000000000000001ea0e11-006284b92d-b9fbc77-sfo1
X-Storage-Bucket: ze52e
X-Storage-Object: e52e06cb5e4ab0642d5a8a519fa466a59ab17879f08a5caf0be6bd9000ba1e32
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207 200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.desmondinsurance.com/
Origin: https://www.desmondinsurance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 13:55:54 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.desmondinsurance.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
www.desmondinsurance.com/uploads/1/1/3/9/113931905/____7149097.jpg
199.34.228.79 200 OK 18 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/____7149097.jpg
IP 199.34.228.79:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x287, components 3\012- data
Hash b10da8b5e7f261f0a562e641586ab212
a1d76a8a7b8fc60525f3d9c70a095c8d8669df1b
f69889c71d82be82e933d9d1949fcc4dac198954cbffcabc0a6c55881594d740
GET /uploads/1/1/3/9/113931905/____7149097.jpg HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/jpeg
Content-Length: 17525
Connection: keep-alive
Last-Modified: Mon, 29 Oct 2018 14:16:17 GMT
x-rgw-object-type: Normal
ETag: "b10da8b5e7f261f0a562e641586ab212"
x-amz-request-id: tx000000000000024ee07a3-00635e13a4-c699baa-sfo1
X-Storage-Bucket: zf698
X-Storage-Object: f69889c71d82be82e933d9d1949fcc4dac198954cbffcabc0a6c55881594d740
X-Host: grn79.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1795
Origin: https://www.desmondinsurance.com
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 13:55:55 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=913dfd16-ab34-44b6-a224-d69a2a6be9da; Expires=Thu, 09 Nov 2023 13:55:55 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.desmondinsurance.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=487597266147821972&ineditor=0&control=3&width=auto&height=150px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=7&long=-84.4849835&lat=39.10543759999999&domain=www&point=1&align=1&reseller=true
74.115.50.67 200 OK 12 kB URL HTTP/1.1 www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=487597266147821972&ineditor=0&control=3&width=auto&height=150px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=7&long=-84.4849835&lat=39.10543759999999&domain=www&point=1&align=1&reseller=true
IP 74.115.50.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Hash d8171150705740a7652226f5f4fe37b2
2cb8ca49e2e6a897f31d2c791c380f23939d4220
225bd18d31c57737019f06122d8ab96316f6422aff11fc9cce2b9e20b23ca8a9
GET /ajax/apps/generateMap.php?map=google&elementid=487597266147821972&ineditor=0&control=3&width=auto&height=150px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=7&long=-84.4849835&lat=39.10543759999999&domain=www&point=1&align=1&reseller=true HTTP/1.1
Host: www.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.desmondinsurance.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 13:55:55 GMT
Server: Apache
X-Host: blu54.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11573
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-designer=PFGKBNAK; Domain=editmysite.com; Path=/
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146 200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=10403
date: Wed, 09 Nov 2022 13:55:55 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: max-age=92241
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:55 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:33:16 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/1185361933.png
199.34.228.79 200 OK 100 kB URL HTTP/1.1 www.desmondinsurance.com/uploads/1/1/3/9/113931905/background-images/1185361933.png
IP 199.34.228.79:0
File type PNG image data, 1500 x 1500, 8-bit/color RGBA, non-interlaced\012- data
Size 100 kB (100307 bytes)
Hash 273515d0b5ae14df56faa20721f099ae
8095455812b7cddf24b0a9a393e48de3c2a245ff
6870731e6a46d18694a164a694b66914fa8cd26cf8719bc28fd7337e2f5c9eba
GET /uploads/1/1/3/9/113931905/background-images/1185361933.png HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:54 GMT
Content-Type: image/png
Content-Length: 100307
Connection: keep-alive
Last-Modified: Sat, 09 Feb 2019 15:23:28 GMT
x-rgw-object-type: Normal
ETag: "273515d0b5ae14df56faa20721f099ae"
x-amz-request-id: tx000000000000002c9ce71-0062c44ba8-c033918-sfo1
X-Storage-Bucket: z6870
X-Storage-Object: 6870731e6a46d18694a164a694b66914fa8cd26cf8719bc28fd7337e2f5c9eba
X-Host: grn79.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 09 Nov 2022 12:41:09 GMT
expires: Wed, 09 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 4486
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: k5kf/qN5LKhyAwaa7lEd9NhsprJYZHo8I9ahQaMEwQO6rnCUi1SrVEdyPiIfa3h9or8opXgWU3fi64OJzXJ4nw==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Wed, 09 Nov 2022 13:55:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=636bb165b730cf1a&bkl=0&bl=1&pdt=1624&sid=636bb165b730cf1a&pub=ra-58135d76b95ae011&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.desmondinsurance.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=insurance%2Cinsurance%20quote%2Cinsurance%20company%2Cinsurance%20agency%2Cinsurance%20online%2Cinsurance%20quotes%2Cinsurance%20companies%2CInsurance%20brokers%2CInsurance%20rates&colc=1668002150723&jsl=33&uvs=636bb165aea06b89000&skipb=1&callback=addthis.cbs.jsonp__96526637615096940
23.38.200.123 200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=636bb165b730cf1a&bkl=0&bl=1&pdt=1624&sid=636bb165b730cf1a&pub=ra-58135d76b95ae011&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.desmondinsurance.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=insurance%2Cinsurance%20quote%2Cinsurance%20company%2Cinsurance%20agency%2Cinsurance%20online%2Cinsurance%20quotes%2Cinsurance%20companies%2CInsurance%20brokers%2CInsurance%20rates&colc=1668002150723&jsl=33&uvs=636bb165aea06b89000&skipb=1&callback=addthis.cbs.jsonp__96526637615096940
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 0880ce42f59b381ea144206e68424a79
e51f172999846e28d31dae29ec8a0cd9c4d17351
7d89b8607386b2762db1f7c56104b7779161935c39c214682870c8075129f6ab
GET /live/red_lojson/300lo.json?si=636bb165b730cf1a&bkl=0&bl=1&pdt=1624&sid=636bb165b730cf1a&pub=ra-58135d76b95ae011&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.desmondinsurance.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=insurance%2Cinsurance%20quote%2Cinsurance%20company%2Cinsurance%20agency%2Cinsurance%20online%2Cinsurance%20quotes%2Cinsurance%20companies%2CInsurance%20brokers%2CInsurance%20rates&colc=1668002150723&jsl=33&uvs=636bb165aea06b89000&skipb=1&callback=addthis.cbs.jsonp__96526637615096940 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Wed, 09 Nov 2022 13:55:55 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-58135d76b95ae011/_ate.track.config_resp
23.38.200.123 200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58135d76b95ae011/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with very long lines (7472), with no line terminators
Hash 12ddc2aae9c1680f769e880d9ec7547f
8bc66f67bed119fb8797910459db5d5c5da063b1
8ccd9f45b12e01996ecda13dba6f91cd2dd528ac39b92d0b8f507ca5136f5d48
GET /live/boost/ra-58135d76b95ae011/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1322
etag: 1598352975--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=39, s-maxage=86400
date: Wed, 09 Nov 2022 13:55:55 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: max-age=92241
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:55 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:33:16 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.desmondinsurance.com/favicon.ico
199.34.228.79 200 OK 17 kB URL HTTP/1.1 www.desmondinsurance.com/favicon.ico
IP 199.34.228.79:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash b30af94957eda312fc9c70a8844fed01
eaa3a8dd90e27c828234198f1e7218f3cad4fd58
306f8093f1e45a0db683e6c1204b0c4a48227d024be24a684f4d21b06d5c54da
GET /favicon.ico HTTP/1.1
Host: www.desmondinsurance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Cookie: is_mobile=0; language=en; __atuvc=1%7C45; __atuvs=636bb165aea06b89000; _snow_ses.adce=*; _snow_id.adce=69c4668f-f5a5-4ec9-b210-b40d421acf13.1668002151.1.1668002151.1668002151.008ce223-acf0-44e9-b2f8-5ad67929a161
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 13:55:55 GMT
Content-Type: image/x-icon
Content-Length: 16958
Connection: keep-alive
Last-Modified: Tue, 04 Dec 2018 11:03:12 GMT
x-rgw-object-type: Normal
ETag: "b30af94957eda312fc9c70a8844fed01"
x-amz-request-id: tx00000000000002a5809c9-006303c276-bfe36ba-sfo1
X-Storage-Bucket: z306f
X-Storage-Object: 306f8093f1e45a0db683e6c1204b0c4a48227d024be24a684f4d21b06d5c54da
X-Host: grn66.sf2p.intern.weebly.net
Accept-Ranges: bytes
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123 200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Wed, 09 Nov 2022 13:55:55 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=255291883270982&ev=PageView&dl=https%3A%2F%2Fwww.desmondinsurance.com%2F&rl=&if=false&ts=1668002152448&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668002152447.135719187&it=1668002152185&coo=false&rqm=GET
31.13.72.36 200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=255291883270982&ev=PageView&dl=https%3A%2F%2Fwww.desmondinsurance.com%2F&rl=&if=false&ts=1668002152448&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668002152447.135719187&it=1668002152185&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 4af4d63e5798aa5917cdeafa39b94604
ea7011e5946c505df0dd989caf556e3b0385ac86
ccd082e7d7d45768f5fe9de1186f4e052c2f72aae7d4b4b8463dbdb9d7a931c3
GET /tr/?id=255291883270982&ev=PageView&dl=https%3A%2F%2Fwww.desmondinsurance.com%2F&rl=&if=false&ts=1668002152448&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668002152447.135719187&it=1668002152185&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Nov 2022 13:55:55 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 92d0819a4db903d9b5318b0d31db5347
0a264459ee6229d9eeb1e588dfad07e9a6317420
da9d1cf5950c95b83073442e30160fe593db558b8a2db80741aae80946f7e21e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=86704
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:56 GMT
Etag: "636a611c-118"
Expires: Thu, 10 Nov 2022 14:01:00 GMT
Last-Modified: Tue, 08 Nov 2022 14:01:00 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 1.8 kB IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 0a85ef12ed0b7dd91bbd07d5ac15913d
ed2855f06eb16e7ba4cc4cad56eabd9c2b13a567
87373514cb2088df3cc41e653bd64159df6ac4e0d75535da93ab45711552a88e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 730 B IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 8525849fa802d70910ff36f759f02b55
a92a62b50beb799a9b908a2b2528717a691038c7
18f2f3c69957a44a4dac70665d80c53a5899aff55fcc78c750908bd664c38526
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 584508
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 14:07:32 GMT
expires: Thu, 02 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 604104
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.reviewouragency.com/button/desmondinsurance/?content=Review%20Us&xdm_e=https%3A%2F%2Fwww.desmondinsurance.com&xdm_c=default7323&xdm_p=1
104.16.207.155 200 OK 12 kB URL HTTP/2 www.reviewouragency.com/button/desmondinsurance/?content=Review%20Us&xdm_e=https%3A%2F%2Fwww.desmondinsurance.com&xdm_c=default7323&xdm_p=1
IP 104.16.207.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31086)
Hash bf6149b7913d41d9e94455e75f3e0b13
12200aca87bfda5df62cac190f80e0b314bde6e6
f9f057782ed3ba8955988810053658c93285c184f7fdf4040a17f7c9b9f23357
GET /button/desmondinsurance/?content=Review%20Us&xdm_e=https%3A%2F%2Fwww.desmondinsurance.com&xdm_c=default7323&xdm_p=1 HTTP/1.1
Host: www.reviewouragency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 13:55:56 GMT
content-type: text/html; charset=utf-8
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=0, private, must-revalidate
set-cookie: ahoy_visitor=4f6f48b8-15d5-4e0e-b681-9f82fabe9618; domain=.reviewouragency.com; path=/; expires=Sat, 09 Nov 2024 13:55:56 GMT; Secure; SameSite=None
ahoy_visit=1918f33b-82f1-4e00-84fe-1c99e378dbd6; domain=.reviewouragency.com; path=/; expires=Wed, 09 Nov 2022 17:55:56 GMT; Secure; SameSite=None
ahoy_track=true; path=/; Secure; SameSite=None
x-request-id: 2228059a-01af-465e-ab12-aeec3cffb084
x-runtime: 0.049082
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76770c857b770b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.reviewmgr.com/assets/manifests/button.js
54.230.111.36 200 OK 7.4 kB URL HTTP/1.1 static.reviewmgr.com/assets/manifests/button.js
IP 54.230.111.36:0
File type Unicode text, UTF-8 text, with very long lines (5609)
Hash 522fff072b331ae104186bb7d03dc021
d23277a00ffb4f2a143d5e0c75f2e6e611c0c1e3
02647fe5a97bf252dac0c6164ff166576225a07fb3f563e8ec2e63865356f3f2
GET /assets/manifests/button.js HTTP/1.1
Host: static.reviewmgr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reviewouragency.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7361
Connection: keep-alive
Date: Tue, 08 Nov 2022 23:58:13 GMT
Last-Modified: Tue, 01 Dec 2020 16:25:28 GMT
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Via: 1.1 vegur, 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
CF-Cache-Status: HIT
Expires: Wed, 09 Nov 2022 23:58:13 GMT
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 76724164eefa90c4-FRA
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wifcYr4KObLs7HfS9fw6KOpiXr_Cht-Pyml6GqdKI4YftPIFJIHcxQ==
Age: 58133
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.reviewouragency.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 05:42:51 GMT
expires: Fri, 03 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 547986
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137 200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reviewouragency.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 264
x-timer: S1668002158.695140,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 600068581e035a56fc6346d488e8f415
418e562a914c44e4ceed5e12e1104d0b9d962161
324677fc199235a95ed8883ec81bc5a2b2cefc989a42b2f38938b04d60b04fa5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 537
Cache-Control: max-age=117844
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 13:55:57 GMT
Etag: "636ad8a8-1d7"
Expires: Thu, 10 Nov 2022 22:40:01 GMT
Last-Modified: Tue, 08 Nov 2022 22:31:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-e47fbe4d2e6a55d34f5?a=1046578875&v=1216.487a282&to=dgkMR0NfClgBFE5QF1wKBlZDHxZVAwMSHQBAEhZcXw%3D%3D&rst=1816&ck=1&ref=https://www.reviewouragency.com/button/desmondinsurance/&ap=48&be=1044&fe=1728&dc=1700&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668002152503,%22n%22:0,%22f%22:0,%22dn%22:26,%22dne%22:194,%22c%22:194,%22s%22:197,%22ce%22:487,%22rq%22:487,%22rp%22:1031,%22rpe%22:1032,%22dl%22:1035,%22di%22:1699,%22ds%22:1699,%22de%22:1701,%22dc%22:1726,%22l%22:1726,%22le%22:1728%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14 200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-e47fbe4d2e6a55d34f5?a=1046578875&v=1216.487a282&to=dgkMR0NfClgBFE5QF1wKBlZDHxZVAwMSHQBAEhZcXw%3D%3D&rst=1816&ck=1&ref=https://www.reviewouragency.com/button/desmondinsurance/&ap=48&be=1044&fe=1728&dc=1700&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668002152503,%22n%22:0,%22f%22:0,%22dn%22:26,%22dne%22:194,%22c%22:194,%22s%22:197,%22ce%22:487,%22rq%22:487,%22rp%22:1031,%22rpe%22:1032,%22dl%22:1035,%22di%22:1699,%22ds%22:1699,%22de%22:1701,%22dc%22:1726,%22l%22:1726,%22le%22:1728%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-e47fbe4d2e6a55d34f5?a=1046578875&v=1216.487a282&to=dgkMR0NfClgBFE5QF1wKBlZDHxZVAwMSHQBAEhZcXw%3D%3D&rst=1816&ck=1&ref=https://www.reviewouragency.com/button/desmondinsurance/&ap=48&be=1044&fe=1728&dc=1700&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668002152503,%22n%22:0,%22f%22:0,%22dn%22:26,%22dne%22:194,%22c%22:194,%22s%22:197,%22ce%22:487,%22rq%22:487,%22rp%22:1031,%22rpe%22:1032,%22dl%22:1035,%22di%22:1699,%22ds%22:1699,%22de%22:1701,%22dc%22:1726,%22l%22:1726,%22le%22:1728%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reviewouragency.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 13:55:58 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76770c8df8b71c16-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=3121dcd9e9d5c2e1; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-e47fbe4d2e6a55d34f5?a=1046578875&v=1216.487a282&to=dgkMR0NfClgBFE5QF1wKBlZDHxZVAwMSHQBAEhZcXw%3D%3D&rst=2323&ck=1&ref=https://www.reviewouragency.com/button/desmondinsurance/
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-e47fbe4d2e6a55d34f5?a=1046578875&v=1216.487a282&to=dgkMR0NfClgBFE5QF1wKBlZDHxZVAwMSHQBAEhZcXw%3D%3D&rst=2323&ck=1&ref=https://www.reviewouragency.com/button/desmondinsurance/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-e47fbe4d2e6a55d34f5?a=1046578875&v=1216.487a282&to=dgkMR0NfClgBFE5QF1wKBlZDHxZVAwMSHQBAEhZcXw%3D%3D&rst=2323&ck=1&ref=https://www.reviewouragency.com/button/desmondinsurance/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reviewouragency.com/
content-type: text/plain
Content-Length: 187
Origin: https://www.reviewouragency.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 13:55:58 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 76770c90fc3c1c16-OSL
Access-Control-Allow-Origin: https://www.reviewouragency.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
cdn2.editmysite.com/js/site/main.js?buildTime=1666376981
151.101.85.46 200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1666376981
IP 151.101.85.46:0
GET /js/site/main.js?buildTime=1666376981 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 18:50:30 GMT
etag: "63640d76-74804"
expires: Fri, 18 Nov 2022 09:03:44 GMT
cache-control: max-age=1209600
x-host: blu47.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 09 Nov 2022 13:55:52 GMT
age: 449529
x-served-by: cache-sjc10072-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 976, 1
x-timer: S1668002153.940058,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
142.250.74.163 200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
IP 142.250.74.163:0
GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.desmondinsurance.com
Connection: keep-alive
Referer: https://www.desmondinsurance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 15:58:35 GMT
expires: Tue, 07 Nov 2023 15:58:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
content-type: text/javascript
age: 165440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.reviewouragency.com/builder/palettes/7.css?template_slug=standard&theme_name=classic
104.16.207.155 200 OK 0 B URL HTTP/2 www.reviewouragency.com/builder/palettes/7.css?template_slug=standard&theme_name=classic
IP 104.16.207.155:0
GET /builder/palettes/7.css?template_slug=standard&theme_name=classic HTTP/1.1
Host: www.reviewouragency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reviewouragency.com/button/desmondinsurance/?content=Review%20Us&xdm_e=https%3A%2F%2Fwww.desmondinsurance.com&xdm_c=default7323&xdm_p=1
Connection: keep-alive
Cookie: ahoy_visitor=4f6f48b8-15d5-4e0e-b681-9f82fabe9618; ahoy_visit=1918f33b-82f1-4e00-84fe-1c99e378dbd6; ahoy_track=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 13:55:57 GMT
content-type: text/css; charset=utf-8
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"9729a490f079acd86f2999e89a47cdd1"
cache-control: public, max-age=14400
x-request-id: d896b479-db8c-4af5-a2a6-7bc1f5bc118a
x-runtime: 0.014139
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 17:55:57 GMT
server: cloudflare
cf-ray: 76770c88eef00b31-OSL
X-Firefox-Spdy: h2