xxccounnntue.blogspot.com.ng/
142.250.74.161302 Moved Temporarily 180 B URL HTTP/1.1 xxccounnntue.blogspot.com.ng/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0c5d3d32e2d381a00eafd456ab3f2aa3
148ee49e62c797dd49e19458875082516b17c16e
0bfb84a0151247f1ef539f34452a83deaae95afa64dea650052b6cede2f45958
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: xxccounnntue.blogspot.com.ng
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://xxccounnntue.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 04:30:27 GMT
Expires: Sat, 24 Sep 2022 04:30:27 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 180
Server: GSE
firefox.settings.services.mozilla.com/v1/
18.164.68.8200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 04:05:32 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f138cee49761f5f7e3b88ec7b66614ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 8mW8O_V8LzA1F0BUNzYM0ukd_-JApMtM9BuMasSAOzBxQBWiylzI-A==
Age: 1495
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4553
Expires: Sat, 24 Sep 2022 05:46:20 GMT
Date: Sat, 24 Sep 2022 04:30:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 3c40a0775e2798dc9f20a237d0225e44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: j1ixgReGb26-ok7E1VM9YYEsjRNcd7ev4beVBITXCW_Iy8hda4YOqA==
age: 1044
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 04:30:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
xxccounnntue.blogspot.com/
142.250.74.161301 Moved Permanently 180 B URL HTTP/1.1 xxccounnntue.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d3054cb568381a1698cdabfcc0c265f8
cd97457c9cea30e858edfdc1f321df1018b81b77
6db8b8acbef51ec3d829ac943288f07bf5eb6a34926aa595412f84c437756f64
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: xxccounnntue.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://xxccounnntue.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 04:30:27 GMT
Expires: Sat, 24 Sep 2022 04:30:27 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 180
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.8200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 04:20:46 GMT
Expires: Sat, 24 Sep 2022 04:41:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 73afe8565c6794e933a665f6672c4b12.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 6Td1_g2mnX5JmLGmFAUDq1_ls_UZNVjC3qC45JcsXy3tr-5hnXHRVg==
Age: 582
xxccounnntue.blogspot.com/
142.250.74.161200 OK 17 kB URL HTTP/2 xxccounnntue.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6565)
Hash 3bec03589dc45d2b0b6cc436aaaa6e44
f1532e37f83e7244c00d82489a368b1bdeaaab86
38fb402c8e9c1840f53927ee6f99cded76ee5aff0eeb2f0739eb02186948d514
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: xxccounnntue.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 04:30:28 GMT
date: Sat, 24 Sep 2022 04:30:28 GMT
cache-control: private, max-age=0
last-modified: Fri, 23 Sep 2022 16:04:17 GMT
etag: W/"49ae7302bb8af2855bfea4eb973850f1f1ba612e49bc18ba4fecc84aa90e115d"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16918
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Last-Modified: Sat, 24 Sep 2022 03:29:53 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xxccounnntue.blogspot.com
Connection: keep-alive
Referer: https://xxccounnntue.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 204980
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
142.250.74.163200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP 142.250.74.163:0
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxccounnntue.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 04:30:28 GMT
expires: Sat, 24 Sep 2022 04:30:28 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xxccounnntue.blogspot.com
Connection: keep-alive
Referer: https://xxccounnntue.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 204980
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/blogblog/data/res/3436224651-indie_compiled.js
142.250.74.105200 OK 47 kB URL HTTP/2 resources.blogblog.com/blogblog/data/res/3436224651-indie_compiled.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1535)
Hash 7bb29069d71b3d27a65280535f90d3b1
a5fba6ca7dd203ee2c2d1e6e19d8e91ec9cf0c51
c2dae7e06d7c42999179bc5b445510022f35bff0ff667e2549bc266fdc922f03
GET /blogblog/data/res/3436224651-indie_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxccounnntue.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 05:28:50 GMT
expires: Thu, 29 Sep 2022 05:28:50 GMT
cache-control: public, max-age=604800
last-modified: Wed, 21 Sep 2022 15:52:58 GMT
content-type: text/javascript
age: 169298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
142.250.74.1200 OK 228 kB URL HTTP/2 themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=Sunset afterglow and twlight dunes in White Sands National Monument, software=Picasa], baseline, precision 8, 1600x1067, components 3\012- data
Size 228 kB (228521 bytes)
Hash e66ef1f4c654be20558150214aa2b85a
ad1dfbefad9a21e48aeeac1bae9f8a5b8ea1ef3c
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
GET /image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxccounnntue.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 25 Sep 2022 04:30:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 04:30:28 GMT
server: fife
content-length: 228521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.161.231.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kNX6CaRPQ1QowONUd7hAcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QAmjmdj7Ik+48LV9Sz5J8owjJxU=
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNOUEwPzIRvGUjn1mlK6SPVNAp9Rx20Wyw4rlCdiNXGcTkLcCxarvcuyMJJeRgvjwMnuCkxnARIFR3p2oVJKYcx8-UiOI9jj3Jxo3garfL1FKG5awHdINueMRmX65hyTpCRAxvjPAPOX1s3Z3CBW_6UDgEZ6z47cnqJ-oUB5iWG6rdy0v8Z30qPrI3/w945-h600-p-k-no-nu/lettre_sg_new.PNG
142.250.74.1200 OK 54 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNOUEwPzIRvGUjn1mlK6SPVNAp9Rx20Wyw4rlCdiNXGcTkLcCxarvcuyMJJeRgvjwMnuCkxnARIFR3p2oVJKYcx8-UiOI9jj3Jxo3garfL1FKG5awHdINueMRmX65hyTpCRAxvjPAPOX1s3Z3CBW_6UDgEZ6z47cnqJ-oUB5iWG6rdy0v8Z30qPrI3/w945-h600-p-k-no-nu/lettre_sg_new.PNG
IP 142.250.74.1:0
File type PNG image data, 561 x 469, 8-bit/color RGB, non-interlaced\012- data
Hash 56368040f734bdffadb8e147b0b298c9
8cb020a895501805bf40e5021d52ef5bef7d44d2
63559e45c59cb53215696490d897e949031f0da1f45c79321eaf06715f2e55dd
GET /img/b/R29vZ2xl/AVvXsEjNOUEwPzIRvGUjn1mlK6SPVNAp9Rx20Wyw4rlCdiNXGcTkLcCxarvcuyMJJeRgvjwMnuCkxnARIFR3p2oVJKYcx8-UiOI9jj3Jxo3garfL1FKG5awHdINueMRmX65hyTpCRAxvjPAPOX1s3Z3CBW_6UDgEZ6z47cnqJ-oUB5iWG6rdy0v8Z30qPrI3/w945-h600-p-k-no-nu/lettre_sg_new.PNG HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxccounnntue.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b"
expires: Sun, 25 Sep 2022 04:30:29 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="lettre_sg_new.PNG"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 04:30:29 GMT
server: fife
content-length: 53982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7684
Expires: Sat, 24 Sep 2022 06:38:34 GMT
Date: Sat, 24 Sep 2022 04:30:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7684
Expires: Sat, 24 Sep 2022 06:38:34 GMT
Date: Sat, 24 Sep 2022 04:30:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7684
Expires: Sat, 24 Sep 2022 06:38:34 GMT
Date: Sat, 24 Sep 2022 04:30:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: igIWZ2IhMA_GIovp4HgIHtGeDt5xoX0iThoQFKjnNJUYP_uMdO7FHw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:11:52 GMT
age: 22718
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f93f322ecd0244e7ee4169b200b50df
8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3
2bb739a60a4581e554fb308be7df8b3d7f47e95051e5ef5e0d1d9ed0a0443b68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4829
x-amzn-requestid: c283df3f-4198-47dd-9b24-634c425bccd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2aA_HgFoAMF_tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0a06-3881d661368a03ae48227b37;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:08:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zDl5u8ndYwMQ2-4aH1sRDit8p-G3OK9bvGNj1hOab9dWo5389KPGg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 07:12:50 GMT
age: 76660
etag: "8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed165f50993660657ba10cdebdb895b3
0241ca5908ca229c2528a3c84177488cc2c08c13
b13c7b9ce6ae5d4295467977258ab19da8329b0f1db39e38f11d16d905d742cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14237
x-amzn-requestid: ebac6624-ee74-4911-b34d-f12abd8524e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruIG08oAMF6bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-1119098a051db3235b3a0674;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -x5REt7Gk5xFKc7zZ1pvC09jIXkLoSTvZ1agUIbeVRAUCuHiH4IMkA==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:20:39 GMT
age: 22191
etag: "0241ca5908ca229c2528a3c84177488cc2c08c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:25 GMT
age: 23585
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 23954
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d84c4ddafb066f0340a6108644e18e6b
058909341bf245c24fd86fc076acf2a3c246a96c
ca9019fab30635e3548e05e088ff5a5d612ffe7c01f29465c4133710a41c0245
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7829
x-amzn-requestid: 79add9b6-6cde-48a3-9c42-1205931f6114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7t9_FXhoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e29f2-6d0d600139ae5be33989e303;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:49:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IvhIsub3cPBuVbyQzV1vfgtR71W-m47YCeaeFVduPm-MotECuZhyBg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:08:01 GMT
age: 22949
etag: "058909341bf245c24fd86fc076acf2a3c246a96c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 03708c751aad07a5e021db9e5ba0319d
5dbb484aedcabae47cf46ed7064f0389825e336d
654b4e40df294fa2fd1908f7f8c5a2b99d3cc72b3d83bc3ff013f0d575aa4ba3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 04:30:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 11:39:24 GMT
Expires: Fri, 30 Sep 2022 11:39:23 GMT
Etag: "5dbb484aedcabae47cf46ed7064f0389825e336d"
Cache-Control: max-age=543532,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f8c9002903fabc-OSL
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
63.250.43.2200 OK 2.3 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 53db349fa6e9eeec992846899cf10494
f7ecc16644ee93b2409acbbe7052d1a3bdd50824
668cf10ba83c7526e6b06af9935d3d1add3d2936f091107165b2bcb296ff2867
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /wp-content/synchronisation/ HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:53:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 23835
x-cache: HIT
accept-ranges: bytes
content-length: 2347
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:30 GMT
Last-Modified: Sat, 24 Sep 2022 02:56:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
104.17.25.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (40808), with no line terminators
Hash cb97ae392c3fb56f4afc6d5f97da4237
38c35ad19fb9b7bacaff79840bef8638b6f52d85
cbff330b47a3850bdc0c1047256d98921de83c11cbdfcdfd42a61d9424b3021d
GET /ajax/libs/sweetalert/2.1.2/sweetalert.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/
Origin: https://sg-synchro-b85204.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 04:30:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 10494
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ff8-9f68"
last-modified: Mon, 04 May 2020 16:16:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3220400
expires: Thu, 14 Sep 2023 04:30:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSb5KGEx9TWF6KkWDlxtE4MI3cIkYOKUkcfsqDYCpQz1cwrFNknHJoJQu299MIACPlpb4JucyGknzXDf6wXoGQqt1JfMVkXb4uf1Q%2F7AyOIN%2Br5qgjRmvKmlwMvcz9RnQqm4EThD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f8c9030829b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
104.18.10.207200 OK 25 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65324)
Hash dd87830ce1577c6de177c1d12b0aceb8
a98d0665fc06314a4f50012ea952ff1a24f93867
6a471039bdea98a2b888ccef62a472b14cfc0e72b538a8868696ed81f08fd26b
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 04:30:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 9434818
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f8c9031ad6b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js
151.101.85.229200 OK 15 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (34666)
Hash 4d09ebb6b98eea8864b0907f469b3915
0bd401bfe99c80a9675e3c60012cdb64a131197d
d5d777125e123cd311ceb283f7f9c6a9d16fc593a704e089e31f12aa3570a35e
GET /npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 7.26.11
x-jsd-version-type: version
etag: W/"f0e9-mwT0+YYEiqCevutFnxfidLvDzeY"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Sep 2022 04:30:30 GMT
age: 3377040
x-served-by: cache-fra19179-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14829
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash c80657322887735c3845b06c5be36dab
5c1cf967afa15c120ba094b8b9747daad4ed5a69
997abb00b627823fa64646a9ef8954bf54f11695ce0cf2f2917f0bd786ceca8e
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 04:30:30 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2BC81AF969F795803C7720F40C0777F175508E65"
Expires: Sat, 24 Sep 2022 15:00:00 GMT
Last-Modified: Sat, 24 Sep 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2365
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f8c90378d1b4ff-OSL
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/nm.css
63.250.43.2200 OK 1.8 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/nm.css
IP 63.250.43.2:0
File type ASCII text, with CRLF line terminators
Hash d3ecc4e24719d3e8acc76781e13d9375
63c818038fcdac0f1788816b95885438b24537c8
05e52471fe062e39a29ac5cccc23a3d2af269ed526540a8013f7623e35b77311
GET /wp-content/synchronisation/layout/css/nm.css HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: text/css
last-modified: Fri, 23 Sep 2022 10:35:06 GMT
vary: Accept-Encoding
etag: W/"632d8bda-1bfa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 1799
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/css2.css
63.250.43.2200 OK 742 B URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/css2.css
IP 63.250.43.2:0
Hash 6c51f932d0b7639dd16a8ea826685d33
047bad0df218a0771584b66d699b09bdfc1e2298
66969cdd47247e73cb88bcc211a87cea1401fc5b681c9bed9be4e12c4b24b6d2
GET /wp-content/synchronisation/layout/css/css2.css HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: text/css
last-modified: Fri, 23 Sep 2022 10:35:06 GMT
vary: Accept-Encoding
etag: W/"632d8bda-1eb0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 742
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main.css
63.250.43.2200 OK 3.7 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main.css
IP 63.250.43.2:0
File type ASCII text, with CRLF line terminators
Hash f0ac34d09121e4f9955ccbd7a787ffd8
f22f2b6351f8d69bed6d93a6d36392419f73c7d5
7e9c3b58340c222b746c7c9de9a393f148507d09b1047522c289d556e22e28fe
GET /wp-content/synchronisation/layout/css/main.css HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: text/css
last-modified: Fri, 23 Sep 2022 10:35:06 GMT
vary: Accept-Encoding
etag: W/"632d8bda-56d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 3690
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main2.css
63.250.43.2200 OK 3.4 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main2.css
IP 63.250.43.2:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 67960dce78a477d6a3487dd6a5f9349d
a120ee44919137972db9c70e70d33c3c7f4ecdc0
69627bcf738efe607518b1b352ba3204b60d5018a4302cb8f63fd5ffa89073a5
GET /wp-content/synchronisation/layout/css/main2.css HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: text/css
last-modified: Fri, 23 Sep 2022 10:35:06 GMT
vary: Accept-Encoding
etag: W/"632d8bda-4e1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 3378
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:30:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 14880, version 1.0\012- data
Hash 819af3d3abdc9f135d49b80a91e2ff4c
0fd9f29faa386a9c8de328f799d2698948ed3d25
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
GET /s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sg-synchro-b85204.ingress-bonde.ewp.live
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 01:46:29 GMT
expires: Tue, 19 Sep 2023 01:46:29 GMT
cache-control: public, max-age=31536000
age: 441842
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2
142.250.74.163200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data
Hash 33543c5cc5d88f5695dd08c87d280dfd
600db9374e47e4f73a59ccc0a99bcc42f4a3e02a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
GET /s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sg-synchro-b85204.ingress-bonde.ewp.live
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14380
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 22:39:30 GMT
expires: Tue, 19 Sep 2023 22:39:30 GMT
cache-control: public, max-age=31536000
age: 366661
last-modified: Tue, 23 Jul 2019 19:30:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Hash 0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
GET /s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sg-synchro-b85204.ingress-bonde.ewp.live
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 01:47:35 GMT
expires: Sun, 24 Sep 2023 01:47:35 GMT
cache-control: public, max-age=31536000
age: 9776
last-modified: Tue, 23 Jul 2019 19:30:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora.png
63.250.43.2200 OK 975 B URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora.png
IP 63.250.43.2:0
File type PNG image data, 50 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash f76996087a2582f228f56290a1692239
e0e04a46815bada84eb63bfb6fa215dc21d585f1
5735d2ceaefd9e4a326e6f015178feee4bb2b80c9d048a1857f18f5640c6b987
GET /wp-content/synchronisation/layout/img/icora.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 975
last-modified: Fri, 23 Sep 2022 10:34:47 GMT
etag: "632d8bc7-3cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora1.png
63.250.43.2200 OK 1.1 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora1.png
IP 63.250.43.2:0
File type PNG image data, 63 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 94d565c17eb506f5c7cb7269f143de52
87ae8ffb409dae4060cce85b6109d9c037c3277c
2f17ed036cfd90e3be3a94066352e4fd68b508453d6bb79a3df839d54078e6f7
GET /wp-content/synchronisation/layout/img/icora1.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 1103
last-modified: Fri, 23 Sep 2022 10:34:47 GMT
etag: "632d8bc7-44f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/logo-sg-seul.png
63.250.43.2200 OK 3.3 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/logo-sg-seul.png
IP 63.250.43.2:0
File type PNG image data, 245 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ce152793719208ddec25710c54f2687e
395293765d358215c40a66056eab8b3d250bfdaf
1095ef0c8401943aebdcd816e921c30b770b1c232acf5df2e40b70300efde552
GET /wp-content/synchronisation/layout/img/logo-sg-seul.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 3264
last-modified: Fri, 23 Sep 2022 10:34:47 GMT
etag: "632d8bc7-cc0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora2.png
63.250.43.2200 OK 438 B URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora2.png
IP 63.250.43.2:0
File type PNG image data, 45 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 79291e8ef7ed55380de1d1b9bc0920c2
2d3b5bbf86dcef67b91ca1e87d4ee9617b3346c7
97e1d35262f8d1df88a0d036b7058a8d7cd60baa0218de601b617ad3441576af
GET /wp-content/synchronisation/layout/img/icora2.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 438
last-modified: Fri, 23 Sep 2022 10:34:47 GMT
etag: "632d8bc7-1b6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/js/jquery.js
63.250.43.2200 OK 30 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/js/jquery.js
IP 63.250.43.2:0
File type ASCII text, with very long lines (32061), with CRLF line terminators
Hash 9a093335e50561c422abdf2453210678
6792616c431e91e51859449c05aa986438478e03
16577e6f02e3a0c0f7c4a014128ace8dc9ee99792ee71c135903f115221532ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/synchronisation/layout/js/jquery.js HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 10:34:44 GMT
vary: Accept-Encoding
etag: W/"632d8bc4-14917"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 29543
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/js/main.js
63.250.43.2200 OK 1.7 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/js/main.js
IP 63.250.43.2:0
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Hash f4c6d2ab49691a151110a7369aad111d
f8ff399c1ce75c5b9ab2a788506f3b788c8365e7
a809b6525c88cee48c77bf4f168f879057c1f35bd330cec92e15b9a0c181a54d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/synchronisation/layout/js/main.js HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 10:34:44 GMT
vary: Accept-Encoding
etag: W/"632d8bc4-2741"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 1729
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/common/log.js
63.250.43.2200 OK 444 B URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/common/log.js
IP 63.250.43.2:0
File type ASCII text, with CRLF line terminators
Hash 8c7b3a240d9034fd5c45d3dd8a591949
9985a25b5cebe246a19fc6247d1d7da02b3f890b
3a233bdd8b51b9c5a9d71cda31275f8a9563ef4b4cdfbcdd4060cd7fd4e75dbf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/synchronisation/common/log.js HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 10:35:07 GMT
vary: Accept-Encoding
etag: W/"632d8bdb-36e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 444
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/js/jquery-ui.js
63.250.43.2200 OK 64 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/js/jquery-ui.js
IP 63.250.43.2:0
File type ASCII text, with very long lines (32157), with CRLF line terminators
Hash d3a29c82c107588ba14a42d57f6d4788
98fe1b0ff101878ff8433cb185c2c91119c9283a
1e27599e1b92224f881cbf9212c4d9fdc5b9758b77949670033c6adb81c55637
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/synchronisation/layout/js/jquery-ui.js HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 10:34:44 GMT
vary: Accept-Encoding
etag: W/"632d8bc4-3a7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
content-length: 64480
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/logo_desk.png
63.250.43.2200 OK 3.1 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/logo_desk.png
IP 63.250.43.2:0
File type PNG image data, 211 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash acee6e3c89be65ad1e6b7883c805f984
370e5b07648d226a8d3115bb5763a2dc101fe8fd
2f1163ec7e6e951ca4a06d722ff2e50827a3788a6a36d5fa2af1f284c668c1a3
GET /wp-content/synchronisation/layout/img/logo_desk.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main.css
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 3065
last-modified: Fri, 23 Sep 2022 10:34:48 GMT
etag: "632d8bc8-bf9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/logo_desk_right.png
63.250.43.2200 OK 2.9 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/logo_desk_right.png
IP 63.250.43.2:0
File type PNG image data, 195 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash de732dd1a1fd527dd4e02aee6c0085d6
54bc6ef40a0995f2ae66737474dbbccef75eb961
efa4e07d133048f4c2341b63a74e7cd50a29146710bf682c9bdabcd173285278
GET /wp-content/synchronisation/layout/img/logo_desk_right.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main.css
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 2866
last-modified: Fri, 23 Sep 2022 10:34:48 GMT
etag: "632d8bc8-b32"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/del.png
63.250.43.2200 OK 394 B URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/del.png
IP 63.250.43.2:0
File type PNG image data, 29 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash e35e3deee20eb343773c7ab354aae6f8
288fdfc29eae862f071e9d5b3a3ad5c8921cba71
0cacaf469800b12d9f3ae16c58e13836c70e4e4a0ef87501f6f3458127da4057
GET /wp-content/synchronisation/layout/img/del.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main.css
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 394
last-modified: Fri, 23 Sep 2022 10:34:45 GMT
etag: "632d8bc5-18a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/sov.png
63.250.43.2200 OK 3.8 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/sov.png
IP 63.250.43.2:0
File type PNG image data, 242 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash c7f51f466f01e234d8c45f39086a9d5c
20d936a93cdb8776f9e2b8c3d46fc2e074cc2668
443156d6d3e81b6248173675b3612b2d66a57d9e4f2b508016931ac8d099c10d
GET /wp-content/synchronisation/layout/img/sov.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main.css
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 3774
last-modified: Fri, 23 Sep 2022 10:35:06 GMT
etag: "632d8bda-ebe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/ico_text.png
63.250.43.2200 OK 256 B URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/ico_text.png
IP 63.250.43.2:0
File type PNG image data, 15 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 81da99c17940b159fae9b148edfcf184
fc974800ce7105761ed8bc6639cfa8a27f7d9280
1da576a49156cff58c8ecd323c7c85da4a4ebff143ba1946509a88611547093b
GET /wp-content/synchronisation/layout/img/ico_text.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main.css
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 256
last-modified: Fri, 23 Sep 2022 10:34:47 GMT
etag: "632d8bc7-100"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora3.png
63.250.43.2200 OK 1.5 kB URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/icora3.png
IP 63.250.43.2:0
File type PNG image data, 200 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b41df62a6b07f8ae97f5ca5fecc76b2
074a7ffe3dfc3eeb4f8b2b32c1908f74aedcf9a8
28998adacc6d83affb12d973b7500a5ec9e7e96a5eb5f9ba9c521a8ed0cb1539
GET /wp-content/synchronisation/layout/img/icora3.png HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/css/main2.css
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:54:42 GMT
content-type: image/png
content-length: 1524
last-modified: Fri, 23 Sep 2022 10:34:47 GMT
etag: "632d8bc7-5f4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23748
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/index.ico
63.250.43.2200 OK 116 B URL HTTP/2 sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/layout/img/index.ico
IP 63.250.43.2:0
File type MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Hash 5febc34748cd56acf2aa6d91656e2177
537d67534a3730a970e4dd5ae3254208f498fe2c
cd3a435ef78098ec34bcb93bee204b67feca5126316b389b093932b647767523
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/synchronisation/layout/img/index.ico HTTP/1.1
Host: sg-synchro-b85204.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sg-synchro-b85204.ingress-bonde.ewp.live/wp-content/synchronisation/
Connection: keep-alive
Cookie: _fbp=fb.1.1663993521718.1776339024
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 21:56:01 GMT
content-type: image/x-icon
last-modified: Fri, 23 Sep 2022 10:34:47 GMT
vary: Accept-Encoding
etag: W/"632d8bc7-13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23670
x-cache: HIT
accept-ranges: bytes
content-length: 116
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1416043673-widgets.js
142.250.74.105200 OK 0 B URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 142.250.74.105:0
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxccounnntue.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 266935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2