www.mdlaw-cardiff.co.uk/
95.172.86.104301 Moved Permanently 240 B IP 95.172.86.104:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash baeefbe75607a92d2f3bfcda1348d25c
d15e82582069c436a0a40251acfb250a31492f29
f9fa1fa54c41ee188fc8cc81c466b361a39484ceffe6294771609f67fda36b44
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 07:43:30 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 240
Connection: keep-alive
Location: https://www.mdlaw-cardiff.co.uk/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10284
Expires: Thu, 02 Feb 2023 10:34:54 GMT
Date: Thu, 02 Feb 2023 07:43:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10933
Expires: Thu, 02 Feb 2023 10:45:43 GMT
Date: Thu, 02 Feb 2023 07:43:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 07:36:04 GMT
content-type: application/json
age: 446
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Thu, 02 Feb 2023 09:03:26 GMT
Date: Thu, 02 Feb 2023 07:43:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aV9HUXY6Ow8HbljmdzfYT+c9Y56oqiBTJsMp6lLS3oGITgU2DRSMrSHgneaM9rH+7055o7CaEb4=
x-amz-request-id: 5798NH7Z2NBBR5K6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 06:51:52 GMT
age: 3098
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 07:43:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 06:49:05 GMT
age: 3266
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b34daae1942f6f63cc24ab6d5867a091
c2e7430f5548f53ed634f57e6420a7054d0fd8bc
b56008cbd5e6df07a6a4ae96dcf93a122a7cab70f93fdfbbb88009471b0160c4
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 07:43:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 09:57:19 GMT
Expires: Tue, 07 Feb 2023 09:57:18 GMT
Etag: "c2e7430f5548f53ed634f57e6420a7054d0fd8bc"
Cache-Control: max-age=439426,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79314bd97b2d0b51-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10156
Expires: Thu, 02 Feb 2023 10:32:47 GMT
Date: Thu, 02 Feb 2023 07:43:31 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.190.160101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.190.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gFQBRmya3d8CAJpo2Uiw4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: laIaiRdxJgK3UghF9rL+Gl2qff4=
www.mdlaw-cardiff.co.uk/
95.172.86.104200 OK 111 kB IP 95.172.86.104:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6306), with CRLF, LF line terminators
Size 111 kB (110980 bytes)
Hash 5054bb21d77fdc518ed09bd412d52f33
05a69227405c585c78a41f0cfc49331f9a87c427
77b9dae33730880ba11d390958891b154508fe5031022735c31accbe95a24aae
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: must-revalidate, no-cache, private
X-Drupal-Dynamic-Cache: UNCACHEABLE
Link: <https://www.mdlaw-cardiff.co.uk/>; rel="shortlink", <https://www.mdlaw-cardiff.co.uk/>; rel="canonical"
X-UA-Compatible: IE=edge
Content-language: en
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Expires: Sun, 19 Nov 1978 05:00:00 GMT
X-Generator: Drupal 8 (https://www.drupal.org)
X-LS-PURGE-STATUS: No Purge
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
www.mdlaw-cardiff.co.uk/sites/default/files/css/css_y10ZD1YNf6TOpip2PRbfkLPvvEbS1ntgZYn8vdRfxbY.css
95.172.86.104200 OK 48 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/css/css_y10ZD1YNf6TOpip2PRbfkLPvvEbS1ntgZYn8vdRfxbY.css
IP 95.172.86.104:0
File type assembler source, ASCII text, with very long lines (21825), with CRLF, LF line terminators
Hash a9837764ec8dbd388bbdbf16bbc323b3
ac6e4137b58a13c02fd1bbdc946f5db15bb6f256
cb5d190f560d7fa4cea62a763d16df90b3efbc46d2d67b606589fcbdd45fc5b6
GET /sites/default/files/css/css_y10ZD1YNf6TOpip2PRbfkLPvvEbS1ntgZYn8vdRfxbY.css HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: text/css
Content-Length: 47997
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jan 2023 15:47:08 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9125a8bacd163c2a3adb71cc90f4cc5c
2cc990863e1f9f8a699e6b3c41bb5d313885c34d
2e38d106b4cf4eeabcf337a73aea97df8f2aae503e285a6416048670bacf5ac2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3369
Cache-Control: max-age=160261
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:32 GMT
Etag: "63db2b80-117"
Expires: Sat, 04 Feb 2023 04:14:33 GMT
Last-Modified: Thu, 02 Feb 2023 03:18:24 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-116053880-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-116053880-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 682e9c4de448c6593c58a254e5042a24
7f824bcada8fb81b2a62bd11a355ee2354d7111d
794e697250d0bd76370c1f6ab63fe88ec18bb3c7ee555820cd9287f70e59a58d
GET /gtag/js?id=UA-116053880-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 07:43:32 GMT
expires: Thu, 02 Feb 2023 07:43:32 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.powr.io/powr.js?platform=drupal
172.67.5.146200 OK 6.0 kB URL HTTP/2 www.powr.io/powr.js?platform=drupal
IP 172.67.5.146:0
File type HTML document, ASCII text, with very long lines (15798), with no line terminators
Hash 5248878e2ec9fad3526ed3513ca66790
0d3b3278df3d0d7bb4474693e5c2a2a82f62c343
c370c0f33f33d6ea8300edf57d7133e0b71038c8d301d5880604a9a05db95aff
GET /powr.js?platform=drupal HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:32 GMT
content-type: application/javascript
cache-control: max-age=604800, public
cf-bgj: minify
expires: Fri, 02 Feb 2024 07:25:30 GMT
last-modified: Thu, 02 Feb 2023 07:25:22 GMT
vary: Accept-Encoding
via: 1.1 vegur
x-origin-instance: heroku
cf-cache-status: HIT
age: 889
server: cloudflare
cf-ray: 79314be35d40fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/css/custom.css
95.172.86.104200 OK 0 B URL HTTP/1.1 www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/css/custom.css
IP 95.172.86.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/gavias_vitaco/css/custom.css HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 May 2019 20:07:44 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/css/update.css
95.172.86.104200 OK 363 B URL HTTP/1.1 www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/css/update.css
IP 95.172.86.104:0
Hash 77d61611cf7639365670a828866bd772
d01758fd488bc0976eebf97d8d61535f06b876e9
f2e6fae78a191edf86957a070cc719c40a52911c276bb9b5f8675b1dcc8a1aa1
GET /themes/gavias_vitaco/css/update.css HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: text/css
Content-Length: 363
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 May 2019 20:07:46 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/js/js_tzVSTMHibC1bO_-QYRIeBYlKakR48Q9KY7ukSZIQWOY.js
95.172.86.104200 OK 76 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/js/js_tzVSTMHibC1bO_-QYRIeBYlKakR48Q9KY7ukSZIQWOY.js
IP 95.172.86.104:0
File type C source, ASCII text, with very long lines (12479)
Hash 96276304c6be506370c505774d8d8b5c
67f0ab9e3df3cc5f0f314317e41c1643a34c4682
b735524cc1e26c2d5b3bff9061121e05894a6a4478f10f4a63bba449921058e6
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/js/js_tzVSTMHibC1bO_-QYRIeBYlKakR48Q9KY7ukSZIQWOY.js HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: application/javascript
Content-Length: 76324
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jan 2023 15:47:08 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css
95.172.86.104200 OK 737 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css
IP 95.172.86.104:0
File type ASCII text, with very long lines (47371)
Size 737 kB (736830 bytes)
Hash 85cd61a300df12438d48455bc3cfcef2
3961df5fa55fe9eaf2483933efd53084a717f85e
e87b5f48cf85dce19318812c0497074ab51d26ba108633bd2f5874ce46e6a145
GET /sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: text/css
Content-Length: 736830
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jan 2023 15:46:07 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/js/js_0CYmcH6zXK4amb4ZKePTipMgZLaPwmJS29G1-a14lCk.js
95.172.86.104200 OK 1.1 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/js/js_0CYmcH6zXK4amb4ZKePTipMgZLaPwmJS29G1-a14lCk.js
IP 95.172.86.104:0
File type ASCII text, with very long lines (65451)
Size 1.1 MB (1092070 bytes)
Hash 8061b73ee3043ce7f735b876da2392b6
2029327c811695309ed5f0c5abfd61d8a8268ba8
d02626707eb35cae1a99be1929e3d38a932064b68fc26252dbd1b5f9ad789429
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/js/js_0CYmcH6zXK4amb4ZKePTipMgZLaPwmJS29G1-a14lCk.js HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: application/javascript
Content-Length: 1092070
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jan 2023 15:46:07 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10187
Expires: Thu, 02 Feb 2023 10:33:19 GMT
Date: Thu, 02 Feb 2023 07:43:32 GMT
Connection: keep-alive
www.mdlaw-cardiff.co.uk/sites/default/files/team/lawyer-brewer-1.png
95.172.86.104200 OK 165 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/team/lawyer-brewer-1.png
IP 95.172.86.104:0
File type PNG image data, 481 x 481, 8-bit gray+alpha, non-interlaced\012- data
Size 165 kB (164686 bytes)
Hash cea423bd8538002f8d05abe9b3c11157
6e8e6ce9f1577b5b051d8deb119be5ecb81afa58
00c9645a4378805a8858747e2db35ec941240255cec9bcd718552c3b618a2f93
GET /sites/default/files/team/lawyer-brewer-1.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/png
Content-Length: 164686
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Jul 2021 16:12:22 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10187
Expires: Thu, 02 Feb 2023 10:33:19 GMT
Date: Thu, 02 Feb 2023 07:43:32 GMT
Connection: keep-alive
www.mdlaw-cardiff.co.uk/sites/default/files/mdlaw.png
95.172.86.104200 OK 22 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/mdlaw.png
IP 95.172.86.104:0
File type PNG image data, 237 x 147, 8-bit/color RGBA, non-interlaced\012- data
Hash 73d60e1d4804813e7682ab99120a96dd
9f94f2ac7a4a3e6637a5ee5ce5847c3e6954c0a9
61a59f5c9d6d9c8b98a7b18d06927de2b8f7153609182d98b47e9df2aebbbb87
GET /sites/default/files/mdlaw.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/png
Content-Length: 22017
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 Nov 2019 08:46:51 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Montserrat:400,600,700,900
142.250.74.106200 OK 4.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,600,700,900
IP 142.250.74.106:0
Hash 130d224538d4396cd7dfc2cb7f9fd1e3
9998e30de5be73c5adac27f64afe75edf1773420
12ab971cb73ebdf448e4b066df0466bc32c53f9c0433464c01900d880a43ae64
GET /css?family=Montserrat:400,600,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 07:43:32 GMT
date: Thu, 02 Feb 2023 07:43:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif
34.120.237.76200 OK 45 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif
IP 34.120.237.76:0
File type GIF image data, version 89a, 296 x 148\012- data
Hash 54d9e8efcff3cc7fa309dc41e89c2a26
fa1cd58cf243d18f360e4394a02bee994e738c0a
4dd37eec5c27d911c3193c7ba08c10a8ec2526eac48c9b6a2a4ec49502cf189a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 44860
x-amzn-requestid: 318e5c01-c024-4c5e-8422-e6cba20b8dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaTEeBoAMFesA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-4b775cdc759aac341f2aff9a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vmPt8MLY6RsliPiMKcbnJ6jGjfuc8LXspyaqEIQiExnxnPOXIWDhqA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:19:04 GMT
age: 1468
etag: "fa1cd58cf243d18f360e4394a02bee994e738c0a"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a62a4f48037f1f84b8fd03347daf9ab9
e67e666749b07a0d343d1d0f74d59155ba25d687
5a9ebe1bec39e5d69b20c9747f32c85be906cddba92501052d54dc9a37d3c52d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 2874
x-amzn-requestid: 0102a009-be1f-4890-97db-674ebd79e449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frep5EBOoAMFgiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3f-371af67b2cc767ed35cb81d6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MwPmKlNm1j7hqbrlEgxAlfu0gQQNhnkrHnL-YABUr7P8_oFaoFDgFA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:37 GMT
age: 34975
etag: "e67e666749b07a0d343d1d0f74d59155ba25d687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 33714
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 34977
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 33714
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.mdlaw-cardiff.co.uk/sites/default/files/team/lucy-williams.jpg
95.172.86.104200 OK 53 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/team/lucy-williams.jpg
IP 95.172.86.104:0
File type JPEG image data, progressive, precision 8, 800x800, components 3\012- data
Hash ea06b75df6d21f69df3786ce55cdf2f1
c89e78fe13573e917037d1b18bc12303e1c7c278
91a3abe58fff9f1f1911bf8f08808e96f2a2626d36a41b360096cfce61f2d6af
GET /sites/default/files/team/lucy-williams.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/jpeg
Content-Length: 53147
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 08:37:00 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/2wish.jpg
95.172.86.104200 OK 22 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/2wish.jpg
IP 95.172.86.104:0
File type JPEG image data, progressive, precision 8, 2828x366, components 3\012- data
Hash fdc201606b7eff44d262913362ba8072
f0c3447a9e05422c46ac905b73487cfac0597b4d
4487b5e2e80d79064782f3e7842662784f8d78c3724543b8c2338e43e34ab849
GET /sites/default/files/2wish.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/jpeg
Content-Length: 21558
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Jun 2020 12:25:45 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/styles/medium/public/2019-11/md-law-beddau-meeting-rooms.png?itok=6tcL_2QZ
95.172.86.104200 OK 422 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/styles/medium/public/2019-11/md-law-beddau-meeting-rooms.png?itok=6tcL_2QZ
IP 95.172.86.104:0
File type PNG image data, 750 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 422 kB (422148 bytes)
Hash ce2283cff62fd216d27f751041f8ef99
839532f6659d566de95a2c264e6bf3800518ec3b
98eaab292c0ecadc2482be6292989d1d4b844a712526d62b29a00fad900c4555
GET /sites/default/files/styles/medium/public/2019-11/md-law-beddau-meeting-rooms.png?itok=6tcL_2QZ HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/png
Content-Length: 422148
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Nov 2019 11:23:42 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/team/mary-minton-2022.png
95.172.86.104200 OK 484 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/team/mary-minton-2022.png
IP 95.172.86.104:0
File type PNG image data, 750 x 750, 8-bit/color RGB, non-interlaced\012- data
Size 484 kB (483568 bytes)
Hash 3100c134327f6b5f0c9b5da82f527135
ca577cb3149b437160010f88d600ac54efb9430d
07b6279b97fcd30b71d3d75eb042d0d5206ea12e58287a0980a0ada0a737505d
GET /sites/default/files/team/mary-minton-2022.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/png
Content-Length: 483568
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Apr 2022 05:56:24 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/team/toby-arja.png
95.172.86.104200 OK 322 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/team/toby-arja.png
IP 95.172.86.104:0
File type PNG image data, 800 x 800, 8-bit gray+alpha, non-interlaced\012- data
Size 322 kB (322027 bytes)
Hash 19f0abd8ebc5bb9f7df8957c1f13c75d
c3ee68a204a4f82c488dadf6d033acd4e1ded93e
91575c4678772d1879801e415ea530159db48018de40c937b6c5b9f4803174b0
GET /sites/default/files/team/toby-arja.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/png
Content-Length: 322027
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Feb 2021 14:52:49 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/styles/medium/public/2019-11/md-law-57-merthyr-road.png?itok=ZFnQ5yHw
95.172.86.104200 OK 395 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/styles/medium/public/2019-11/md-law-57-merthyr-road.png?itok=ZFnQ5yHw
IP 95.172.86.104:0
File type PNG image data, 750 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 395 kB (394807 bytes)
Hash 190460ee5b5df56c63834143a2e9dbde
ff047f727b8a9cd0ac0e829e88c64491e69772e0
1fb0841cc666fe4f9ecb24745b80e3bd30e866d1a12ea90e26e1848d750491a8
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/styles/medium/public/2019-11/md-law-57-merthyr-road.png?itok=ZFnQ5yHw HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/png
Content-Length: 394807
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Nov 2019 11:17:46 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-8p4obf.jpg
95.172.86.104200 OK 1.2 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-8p4obf.jpg
IP 95.172.86.104:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2019:12:09 09:30:24], baseline, precision 8, 1920x800, components 3\012- data
Size 1.2 MB (1166738 bytes)
Hash e47b81fd6a408bbbb91f39a60132496c
8e462a2d3322eb5e1f00b98ec5e88f739e75074e
38acf81632ecd2818bdb93958630aba2eabf9845ec94b3c4ad37a6e295fcb58d
GET /sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-8p4obf.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/jpeg
Content-Length: 1166738
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Dec 2019 08:31:00 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/hyresnamnd.png
95.172.86.104200 OK 2.0 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/hyresnamnd.png
IP 95.172.86.104:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 24d46bd0b9fc4c2a9fd10fcfd2f508d3
63883f143042967fd48a0c79ebe1bb41c21ae122
7bb21de5c89b065a8e583a24c854c6b3c40520f2446c6d2c9b50c9ca794d16eb
GET /sites/default/files/hyresnamnd.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/png
Content-Length: 1983
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 May 2020 20:54:19 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-i6ogda.jpg
95.172.86.104200 OK 1.2 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-i6ogda.jpg
IP 95.172.86.104:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2019:12:09 09:30:24], baseline, precision 8, 1920x800, components 3\012- data
Size 1.2 MB (1166738 bytes)
Hash e47b81fd6a408bbbb91f39a60132496c
8e462a2d3322eb5e1f00b98ec5e88f739e75074e
38acf81632ecd2818bdb93958630aba2eabf9845ec94b3c4ad37a6e295fcb58d
GET /sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-i6ogda.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/jpeg
Content-Length: 1166738
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Dec 2019 08:30:41 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-qxagmx.jpg
95.172.86.104200 OK 1.2 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-qxagmx.jpg
IP 95.172.86.104:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2019:12:09 09:30:24], baseline, precision 8, 1920x800, components 3\012- data
Size 1.2 MB (1166738 bytes)
Hash e47b81fd6a408bbbb91f39a60132496c
8e462a2d3322eb5e1f00b98ec5e88f739e75074e
38acf81632ecd2818bdb93958630aba2eabf9845ec94b3c4ad37a6e295fcb58d
GET /sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-qxagmx.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:32 GMT
Content-Type: image/jpeg
Content-Length: 1166738
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Dec 2019 08:31:12 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:32 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Regular.otf
95.172.86.104200 OK 86 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Regular.otf
IP 95.172.86.104:0
File type OpenType font data\012- data
Hash 1f55925e52b9e71fd57108874184060d
e8acc9022336f58bb5ee2e2d4d98b51bebf45990
f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc
Analyzer Verdict Alert fortinet Phishing
GET /themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Regular.otf HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: font/otf
Content-Length: 86528
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 May 2019 20:07:46 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/css/font-awesome/webfonts/fa-solid-900.woff2
95.172.86.104200 OK 62 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/css/font-awesome/webfonts/fa-solid-900.woff2
IP 95.172.86.104:0
File type Web Open Font Format (Version 2), TrueType, length 62472, version 1.0\012- data
Hash b75b4bfe0d58faeced5006c785eaae23
92da6e3c7121e21cdfde25ef08797a3937a683e1
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
Analyzer Verdict Alert fortinet Phishing
GET /themes/gavias_vitaco/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: font/woff2
Content-Length: 62472
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 May 2019 20:07:46 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Bold.otf
95.172.86.104200 OK 90 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Bold.otf
IP 95.172.86.104:0
File type OpenType font data\012- data
Hash fa11c3ca7b2301d6b8da51b04985fb05
a9b9dae4568883ef65d130a8237343185d463f2a
36906b2b3f6a199b3c59e6d862bfb36ed52d5c8de14ce46da8a8c5890250eb17
Analyzer Verdict Alert fortinet Phishing
GET /themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Bold.otf HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: font/otf
Content-Length: 89928
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 May 2019 20:07:46 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Black.otf
95.172.86.104200 OK 91 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Black.otf
IP 95.172.86.104:0
File type OpenType font data\012- data
Hash c10f15f179ff812edfa4ab94cb5e7652
49f66a5c83ed144dd9397652e4974d118e5136a2
b6f59c7db553f699a9c4995ce7583b2b158eb3f767ba99514ffa9ae94c41a8ef
Analyzer Verdict Alert fortinet Phishing
GET /themes/gavias_vitaco/fonts/brandon-grotesque/BrandonGrotesque-Black.otf HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: font/otf
Content-Length: 90892
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 May 2019 20:07:46 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-czo2tm.jpg
95.172.86.104200 OK 1.2 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-czo2tm.jpg
IP 95.172.86.104:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2019:12:09 09:30:24], baseline, precision 8, 1920x800, components 3\012- data
Size 1.2 MB (1166738 bytes)
Hash e47b81fd6a408bbbb91f39a60132496c
8e462a2d3322eb5e1f00b98ec5e88f739e75074e
38acf81632ecd2818bdb93958630aba2eabf9845ec94b3c4ad37a6e295fcb58d
GET /sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-czo2tm.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/jpeg
Content-Length: 1166738
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Dec 2019 05:52:45 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-ak5n0q.jpg
95.172.86.104200 OK 1.2 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-ak5n0q.jpg
IP 95.172.86.104:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2019:12:09 09:30:24], baseline, precision 8, 1920x800, components 3\012- data
Size 1.2 MB (1166738 bytes)
Hash e47b81fd6a408bbbb91f39a60132496c
8e462a2d3322eb5e1f00b98ec5e88f739e75074e
38acf81632ecd2818bdb93958630aba2eabf9845ec94b3c4ad37a6e295fcb58d
GET /sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-ak5n0q.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/jpeg
Content-Length: 1166738
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Dec 2019 05:52:57 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/brott.png
95.172.86.104200 OK 3.9 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/brott.png
IP 95.172.86.104:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d1e6f5087188d6687f1ae1855da667e
89fae46c76cd1cd21586d4a527f9b643118ee482
c78b26ab47b27ffb9028662bcad79e05635114910b4bb431a397733931ac4c4c
GET /sites/default/files/brott.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/png
Content-Length: 3873
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Apr 2020 20:36:07 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mdlaw-cardiff.co.uk/sites/default/files/team/helen-dickie-bw.png
95.172.86.104200 OK 505 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/team/helen-dickie-bw.png
IP 95.172.86.104:0
File type PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 505 kB (505429 bytes)
Hash c2230489e6f08b468e38888d0c5fd938
3820124bb3e160df6e7df64a864ddba5f1f2b4ab
b10ea1d2a70455d116b0582cfe2f16371946f012199def24adfc9955d3583911
GET /sites/default/files/team/helen-dickie-bw.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/png
Content-Length: 505429
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Nov 2019 06:54:45 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/tvist_0.png
95.172.86.104200 OK 1.8 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/tvist_0.png
IP 95.172.86.104:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f77e585ce86ad6e5e09676d3702558c4
e15188a5293f5f188d4681a496781482640d60cf
ddac357392b9f7397c6ad41be2c39dc76e2ddbd0d305ed7c938f7c337461e552
GET /sites/default/files/tvist_0.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/png
Content-Length: 1750
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Nov 2019 16:48:33 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/sites/default/files/team/Amy1_0.jpg
95.172.86.104200 OK 38 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/team/Amy1_0.jpg
IP 95.172.86.104:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=299, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=299], baseline, precision 8, 400x400, components 3\012- data
Hash bb727669cc7db25103c67abf41b69280
1be8ad186a27e1ad1be3f580edad6693b699aa6f
440617fc405ddb5680b397ffb556e09cd52199b90b2a736506d5be75cb239068
GET /sites/default/files/team/Amy1_0.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/jpeg
Content-Length: 38054
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Jul 2021 08:54:07 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mdlaw-cardiff.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 294093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mdlaw-cardiff.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 153267
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 6d11a26e2d8e0e461e807ea0ac480a79
d1e5628b8537c5cd431571acc4108cb3acde71a8
39091ce03bd939491655615c3ee1c16b01ccb1b827681d70bb512ad17d6f3b03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1906
Cache-Control: max-age=114315
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:33 GMT
Etag: "63da7dbe-2d7"
Expires: Fri, 03 Feb 2023 15:28:48 GMT
Last-Modified: Wed, 01 Feb 2023 14:57:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 727
cdn.yoshki.com/iframe/55845r.html
8.247.219.122200 OK 294 B URL HTTP/2 cdn.yoshki.com/iframe/55845r.html
IP 8.247.219.122:0
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dd48da5a91b6830d30dfa697e8c519ce
0e9f32be0380020f7048cda506329793ffc78c6b
61d5364a4181378603a0ac8d6c264792780967d7471eb80f9fe8f20f65d32e4f
GET /iframe/55845r.html HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: text/html
content-length: 294
last-modified: Tue, 02 Jun 2020 13:31:27 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-powered-by: ASP.NET
content-encoding: gzip
etag: W/"76c86e1ee238d61:0"
age: 10520628
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 6d11a26e2d8e0e461e807ea0ac480a79
d1e5628b8537c5cd431571acc4108cb3acde71a8
39091ce03bd939491655615c3ee1c16b01ccb1b827681d70bb512ad17d6f3b03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1906
Cache-Control: max-age=114315
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:33 GMT
Etag: "63da7dbe-2d7"
Expires: Fri, 03 Feb 2023 15:28:48 GMT
Last-Modified: Wed, 01 Feb 2023 14:57:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 727
cdn.yoshki.com/responsive.css
8.247.219.122200 OK 97 B URL HTTP/2 cdn.yoshki.com/responsive.css
IP 8.247.219.122:0
File type ASCII text, with CRLF line terminators
Hash 59db11fe62f959d29e8e3d48798c493f
942b02870638237f0d192477b9eff9a84773c4c8
57a83bea52c045cbcf4b579ad78017dfd2737afbad9357cc33d04505a6f52130
GET /responsive.css HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55845r.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: text/css
content-length: 97
last-modified: Thu, 12 Dec 2019 21:07:04 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-powered-by: ASP.NET
content-encoding: gzip
etag: W/"89c1a1b30b1d51:0"
age: 10520892
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mdlaw-cardiff.co.uk/sites/default/files/family.png
95.172.86.104200 OK 2.1 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/family.png
IP 95.172.86.104:0
File type PNG image data, 2000 x 1414, 8-bit/color RGBA, non-interlaced\012- data
Size 2.1 MB (2096146 bytes)
Hash f143196562dd0162f94ea2c3c7bbc16b
66b73e6bc285c8e571de23bf589bc174a42cb9b0
eeb7c72bc4430ec57aea6235b054826dbfe60c33c8cd4d483bc4b46fc04ae0e8
GET /sites/default/files/family.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/png
Content-Length: 2096146
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Nov 2020 16:33:13 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
cdn.yoshki.com/yoshki-library.js
8.247.219.122200 OK 8.0 kB URL HTTP/2 cdn.yoshki.com/yoshki-library.js
IP 8.247.219.122:0
File type ASCII text, with very long lines (32001), with CRLF line terminators
Hash 9679b95aa67105c6225bf703391e043e
b26d028a1908dca006bb72b5982f445c6b6e97b8
afed91d9e4a85861005b853086a655558f68996feaa79983b83bfc48b654412d
GET /yoshki-library.js HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55845r.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: application/javascript
content-length: 8011
last-modified: Tue, 20 Apr 2021 10:08:45 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-powered-by: ASP.NET
content-encoding: gzip
etag: W/"401c2026cd35d71:0"
age: 10520933
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mdlaw-cardiff.co.uk/sites/default/files/mundeahlberg-2a.png
95.172.86.104200 OK 510 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/mundeahlberg-2a.png
IP 95.172.86.104:0
File type PNG image data, 1920 x 800, 8-bit grayscale, non-interlaced\012- data
Size 510 kB (509815 bytes)
Hash 727e312dfba44f036f1b724a9cfb48a8
11c0411da0659d0b9bced47fb14fe0a8824fb03b
900e1cd62b5a19da746d23b8e8cb3fe5754fe1a8bb9f57f85032df5b49c5aa34
GET /sites/default/files/mundeahlberg-2a.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/png
Content-Length: 509815
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Nov 2019 20:57:44 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/imagesgrid-slide.png
95.172.86.104404 Not Found 230 B URL HTTP/1.1 www.mdlaw-cardiff.co.uk/themes/gavias_vitaco/imagesgrid-slide.png
IP 95.172.86.104:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 798761c4a11a838cb07d5e6cf58d78f0
31f36f92452c426422d3a0d9eee124a67bbd7db3
f9087b919d831bc906ae3248bc6513a09683002c09edc53755c81436263875aa
GET /themes/gavias_vitaco/imagesgrid-slide.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/sites/default/files/css/css_6HtfSM-F3OGTGIEsBJcHSrUdJroQhjO9L1h0zkbmoUU.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: must-revalidate, no-cache, private
X-UA-Compatible: IE=edge
Content-language: en
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Expires: Sun, 19 Nov 1978 05:00:00 GMT
X-Generator: Drupal 8 (https://www.drupal.org)
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
cdn.yoshki.com/SRA/EnglishColour/275/0/Default.png
8.247.219.122200 OK 36 kB URL HTTP/2 cdn.yoshki.com/SRA/EnglishColour/275/0/Default.png
IP 8.247.219.122:0
File type PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash a4e72200c1943d435ce6de0b35d62cf1
2a608042a5f2df9d600d7b7b30a52064253c017f
f1ff8f7dc1b58278b63b76de2daa637927d6213b2526ccd3cea6fce9620e6c54
GET /SRA/EnglishColour/275/0/Default.png HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55845r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: image/png
content-length: 35938
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXEVuZ2xpc2hDb2xvdXJcMjc1XDBcRGVmYXVsdC5wbmc= 06/04/2021 12:16:25"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Tue, 06 Apr 2021 11:16:25 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 27557
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-v0bbp2.jpg
95.172.86.104200 OK 1.2 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-v0bbp2.jpg
IP 95.172.86.104:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2019:12:09 09:30:24], baseline, precision 8, 1920x800, components 3\012- data
Size 1.2 MB (1166738 bytes)
Hash e47b81fd6a408bbbb91f39a60132496c
8e462a2d3322eb5e1f00b98ec5e88f739e75074e
38acf81632ecd2818bdb93958630aba2eabf9845ec94b3c4ad37a6e295fcb58d
GET /sites/default/files/gva-sliderlayer-upload/mdlaw-whitchurch-1-v0bbp2.jpg HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/jpeg
Content-Length: 1166738
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Dec 2019 05:52:33 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.202200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 33283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.yoshki.com/responsive.css
8.247.219.122304 Not Modified 0 B URL HTTP/2 cdn.yoshki.com/responsive.css
IP 8.247.219.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /responsive.css HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55851r.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 12 Dec 2019 21:07:04 GMT
If-None-Match: W/"89c1a1b30b1d51:0"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 02 Feb 2023 07:43:33 GMT
last-modified: Thu, 12 Dec 2019 21:07:04 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-powered-by: ASP.NET
etag: W/"89c1a1b30b1d51:0"
age: 10520892
X-Firefox-Spdy: h2
cdn.yoshki.com/yoshki-library.js
8.247.219.122304 Not Modified 0 B URL HTTP/2 cdn.yoshki.com/yoshki-library.js
IP 8.247.219.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /yoshki-library.js HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55851r.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 20 Apr 2021 10:08:45 GMT
If-None-Match: W/"401c2026cd35d71:0"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 02 Feb 2023 07:43:33 GMT
last-modified: Tue, 20 Apr 2021 10:08:45 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-powered-by: ASP.NET
etag: W/"401c2026cd35d71:0"
age: 10520933
X-Firefox-Spdy: h2
www.mdlaw-cardiff.co.uk/sites/default/files/Will3.png
95.172.86.104200 OK 3.1 MB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/Will3.png
IP 95.172.86.104:0
File type PNG image data, 2000 x 1414, 8-bit/color RGBA, non-interlaced\012- data
Size 3.1 MB (3080938 bytes)
Hash 10cb193ed877768b6f91c4d568c41fcf
52536e43f371d45da92adb3ba36f59cf99d9f1ba
37cf2d819961ff8cb83716093203f883d6f27d5c0920347cfa98dbe73ca5d11a
GET /sites/default/files/Will3.png HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/png
Content-Length: 3080938
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Nov 2019 16:51:35 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Accept-Ranges: bytes
cdn.yoshki.com/SRA/EnglishColour/275/0/_Default.png
8.247.219.122200 OK 303 B URL HTTP/2 cdn.yoshki.com/SRA/EnglishColour/275/0/_Default.png
IP 8.247.219.122:0
File type PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c0f57365cd4f64e9dfc056b5b6b00d2
159a395b182d8eb5eadf5bf49f0e43028f6be92c
f33a29217ed3d9b61368e4a69fa485109cc6324bcbdf9c64b533072acc79dd35
GET /SRA/EnglishColour/275/0/_Default.png HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55845r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: image/png
content-length: 303
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXEVuZ2xpc2hDb2xvdXJcMjc1XDBcX0RlZmF1bHQucG5n 06/04/2021 11:54:04"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Tue, 06 Apr 2021 10:54:04 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 27812
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 05:44:08 GMT
expires: Thu, 02 Feb 2023 07:44:08 GMT
cache-control: public, max-age=7200
age: 7165
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.mdlaw-cardiff.co.uk/sites/default/files/mdlaw%20copy.ico
95.172.86.104200 OK 21 kB URL HTTP/1.1 www.mdlaw-cardiff.co.uk/sites/default/files/mdlaw%20copy.ico
IP 95.172.86.104:0
File type PNG image data, 208 x 208, 8-bit/color RGBA, non-interlaced\012- data
Hash 6de4dba333f6755dedff7c444ea0527c
ef77a8ad31c2d976a11808acaf1fafcdc04dbefc
1c68121b21c31575291979d217bae434a376b2a78f706d263644338f1cf34bea
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/mdlaw%20copy.ico HTTP/1.1
Host: www.mdlaw-cardiff.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 07:43:33 GMT
Content-Type: image/x-icon
Content-Length: 20608
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Nov 2019 11:23:12 GMT
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 07:43:33 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
cdn.yoshki.com/SRA/WelshColour/275/0/Default.png
8.247.219.122200 OK 36 kB URL HTTP/2 cdn.yoshki.com/SRA/WelshColour/275/0/Default.png
IP 8.247.219.122:0
File type PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash a4e72200c1943d435ce6de0b35d62cf1
2a608042a5f2df9d600d7b7b30a52064253c017f
f1ff8f7dc1b58278b63b76de2daa637927d6213b2526ccd3cea6fce9620e6c54
GET /SRA/WelshColour/275/0/Default.png HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55851r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: image/png
content-length: 35938
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXFdlbHNoQ29sb3VyXDI3NVwwXERlZmF1bHQucG5n 29/05/2020 12:45:08"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Fri, 29 May 2020 11:45:08 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 11412
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.yoshki.com/SRA/EnglishColour/275/0/=Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
8.247.219.122200 OK 18 kB URL HTTP/2 cdn.yoshki.com/SRA/EnglishColour/275/0/=Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
IP 8.247.219.122:0
File type PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 453ba33697b81c8336cc7e5db0b7ca3b
64897ad5b0749b103a07f05554c0ea3159bf0a7f
67f298865308de7ff4491a5f6f706c026c300e823bf4205491a668e22597a8d6
GET /SRA/EnglishColour/275/0/=Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6 HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55845r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: image/png
content-length: 18417
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXEVuZ2xpc2hDb2xvdXJcMjc1XDBcPVllcy5wbmc= 02/02/2023 00:00:00"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Thu, 02 Feb 2023 00:00:00 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.yoshki.com/SRA/EnglishColour/275/0/-Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
8.247.219.122200 OK 12 kB URL HTTP/2 cdn.yoshki.com/SRA/EnglishColour/275/0/-Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
IP 8.247.219.122:0
File type PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 27d3f4e9e7f80c3498d6acdead8ea842
bdaa3e487f5c24cba34f4f4489647f3c8564fcf9
eda8542677901da39287d9735e32d6d556a209c84a80e3e28f547b8f8395e5aa
GET /SRA/EnglishColour/275/0/-Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6 HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55845r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: image/png
content-length: 11625
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXEVuZ2xpc2hDb2xvdXJcMjc1XDBcLVllcy5wbmc= 02/02/2023 00:00:00"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Thu, 02 Feb 2023 00:00:00 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.yoshki.com/SRA/WelshColour/275/0/_Default.png
8.247.219.122200 OK 303 B URL HTTP/2 cdn.yoshki.com/SRA/WelshColour/275/0/_Default.png
IP 8.247.219.122:0
File type PNG image data, 275 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c0f57365cd4f64e9dfc056b5b6b00d2
159a395b182d8eb5eadf5bf49f0e43028f6be92c
f33a29217ed3d9b61368e4a69fa485109cc6324bcbdf9c64b533072acc79dd35
GET /SRA/WelshColour/275/0/_Default.png HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55851r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: image/png
content-length: 303
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXFdlbHNoQ29sb3VyXDI3NVwwXF9EZWZhdWx0LnBuZw== 29/05/2020 14:29:22"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Fri, 29 May 2020 13:29:22 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.yoshki.com/SRA/WelshColour/275/0/-Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
8.247.219.122200 OK 12 kB URL HTTP/2 cdn.yoshki.com/SRA/WelshColour/275/0/-Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
IP 8.247.219.122:0
File type PNG image data, 275 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash f286826aceeb4ac3b7025a2364a48dee
7b17ddf412b08e8beb29fa360d5cc3b2a2712330
1eebc7eb558dd750a515b913d30309699e6292cd6297373580cf54535fc51142
GET /SRA/WelshColour/275/0/-Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6 HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55851r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: image/png
content-length: 11826
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXFdlbHNoQ29sb3VyXDI3NVwwXC1ZZXMucG5n 02/02/2023 00:12:35"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Thu, 02 Feb 2023 00:12:35 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.yoshki.com/SRA/WelshColour/275/0/=Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
8.247.219.122200 OK 19 kB URL HTTP/2 cdn.yoshki.com/SRA/WelshColour/275/0/=Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6
IP 8.247.219.122:0
File type PNG image data, 275 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash 22efb5d5677e9bf0feab1ac145582750
3609da3086c7df9f4ce52bd03f6f2cf6a197538c
68a2bdc815cb663a8e2305b1643a8d903afaa057d6e1141236e7f5360731cb8e
GET /SRA/WelshColour/275/0/=Default.png?a=121*012801280128@550=801090=701060128@5401$0106012301090=40=10=1@5501$012@05501260=6 HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.yoshki.com/iframe/55851r.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: image/png
content-length: 19251
cache-control: public
etag: "RDpcaW5ldHB1Ylx5b3Noa2l3ZWJcU1JBXFdlbHNoQ29sb3VyXDI3NVwwXD1ZZXMucG5n 02/02/2023 00:12:35"
expires: Fri, 03 Feb 2023 00:00:00 GMT
last-modified: Thu, 02 Feb 2023 00:12:35 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
age: 2
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f8f48de864235d5d8b3d5be17a4e1ad3
62d79f5b3d9dd4d95876f2561c4a669bf8eac4a0
f587dbb5c019311f277e23e5fc6557d66cafd355fea2b9993f9f011e63ef3402
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3306
Cache-Control: max-age=124936
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:34 GMT
Etag: "63daa1c4-117"
Expires: Fri, 03 Feb 2023 18:25:50 GMT
Last-Modified: Wed, 01 Feb 2023 17:30:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a7f7aaefea5c7c65dc3c2e83b2032919
492d09014cebce118c2ae4adb38d97637016e629
bd41dab63041d1b61138918350b5616ec031ffab572ed6e37113be12efa112e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5488
Cache-Control: max-age=160621
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:34 GMT
Etag: "63db24a3-116"
Expires: Sat, 04 Feb 2023 04:20:35 GMT
Last-Modified: Thu, 02 Feb 2023 02:49:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
public.powrcdn.com/latest/assets/packs/style_packs/views-f890adcb91c0e3b848b7.css
188.114.96.1200 OK 39 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/views-f890adcb91c0e3b848b7.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4c167b2fdf403cf680fd07616704338b
a092710774ad39b127696eb708072a4163df3c61
6862b19c75452032328ebd7df4485b1910e1ec8ab2ad7ab3ec7e8b75f6c463db
GET /latest/assets/packs/style_packs/views-f890adcb91c0e3b848b7.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=464360
etag: W/"ea8930a5b861b46e28d626d7ca532c38"
last-modified: Thu, 26 Jan 2023 16:32:56 GMT
x-amz-id-2: f90DRP7yefgPHXVfuNQIcsGC+zFjo5tlgg3CW4U34e+6S+T14Y7b4hUIj6mTYffObNJPC6X/bRY=
x-amz-request-id: HM0WD3M0GC14FYKV
x-amz-version-id: PjrcFXHlwXk79R7JtJ.pf4vUgkRfMFgI
cache-control: max-age=2073600
cf-cache-status: HIT
age: 3203
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlQX8ynXyLEhGAFMjypP37R%2FDrlYwNje4T2F%2FXZQcb8m0C97n%2B4YG7vpJNurPMBU8IFWpVQkBIKrH4MQ7CW3DOA%2BrKRkljpfIZCt8EUqwgay3jxa6gop9a8K5cuL4W1H8Dcxh%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79314bf0dec20b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a7f7aaefea5c7c65dc3c2e83b2032919
492d09014cebce118c2ae4adb38d97637016e629
bd41dab63041d1b61138918350b5616ec031ffab572ed6e37113be12efa112e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5488
Cache-Control: max-age=160621
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:34 GMT
Etag: "63db24a3-116"
Expires: Sat, 04 Feb 2023 04:20:35 GMT
Last-Modified: Thu, 02 Feb 2023 02:49:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
104.16.85.20200 OK 35 kB URL HTTP/2 cdn.jsdelivr.net/npm/jquery@1.11.2/dist/jquery.min.js
IP 104.16.85.20:0
File type ASCII text, with very long lines (32047)
Hash b31cd2410066e0150a8e310b11316675
7cd7a6cf0553a3b313d90ea1b195b641ff30a8be
788bea56fb8bb22e003eac1a06dd26867ee8a778f035550f013723beebc81668
GET /npm/jquery@1.11.2/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"176de-sz7jtCuYju+dTWJJW25U4j3WQv0"
x-served-by: cache-fra19175-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 27469304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwMsZkH22YeTFFYze9j3s%2B6Gs%2FMrh5rKVAt4sJYarwYpbuyjLqAC8g4XHMDCItHyQ1Hha6C9oLheBQk4qm5TzgAWHBCpZO8gIIDpHekChcxYzxnOolqUNMK4D%2FXHDvz7YHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79314bf0cd72fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
104.18.22.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d
IP 104.18.22.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 5563270
accept-ranges: bytes
server: cloudflare
cf-ray: 79314bf1fef31c02-OSL
X-Firefox-Spdy: h2
kit.fontawesome.com/14579ba48d.js
104.18.23.52200 OK 6.6 kB URL HTTP/2 kit.fontawesome.com/14579ba48d.js
IP 104.18.23.52:0
File type ASCII text, with very long lines (27832)
Hash 12c4fe0c99585b76b0740a349def68e8
9e0c85c4a5f7d4143282ccb83d4d9d0594746be1
544c1ebb65d9c1f890f64191bee706eb74fba6ede6e340a319ddb69f66b07cbb
GET /14579ba48d.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fuu_NKRKzsFcWtfaTAAi
cf-cache-status: HIT
age: 8
server: cloudflare
cf-ray: 79314bf1291bb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
104.18.22.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=14579ba48d
IP 104.18.22.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=14579ba48d HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 20767894
accept-ranges: bytes
server: cloudflare
cf-ray: 79314bf1feeb1c02-OSL
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1184.min.js
151.101.130.137200 OK 11 kB URL HTTP/2 js-agent.newrelic.com/nr-1184.min.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (27995), with no line terminators
Hash 43e0aec0456ae54841a52fe989abb1ec
d9e080d86beada72e9e42092bede868db3d4aee4
9d7ecd792af230cea192e0786491921415d809686321da7414b3df85d875de07
GET /nr-1184.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iWjtNMXBGfJ6yMmPEIV69W2ITwgZ71tckgLSro5uMolKfuaiEMRFE9TLDtYPVtYNCFEhAvpoWxc=
x-amz-request-id: QF0QFY0VY18YYT0E
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
etag: "3d7f312be60d08a2568e311e4762f3af"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 07:43:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 37
x-timer: S1675323815.289613,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 10624
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cc68e933a703ab17858b65432c675f7
8ba7f07b32b4c3fdeb40aaf9bb47126c86010cd3
35479672fb8118dfee89e1ba4c16fdee728920bdd349854b39e090ef6a8d2354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4036
Cache-Control: max-age=145108
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:35 GMT
Etag: "63daedb7-1d7"
Expires: Sat, 04 Feb 2023 00:02:03 GMT
Last-Modified: Wed, 01 Feb 2023 22:54:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=1444&ck=1&ref=https://www.powr.io/social-feed/u/beb9af2c_1583413614&be=786&fe=1292&dc=1204&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1675323839038,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:60,%22rp%22:557,%22rpe%22:558,%22dl%22:562,%22di%22:1128,%22ds%22:1180,%22de%22:1204,%22dc%22:1291,%22l%22:1291,%22le%22:1293%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=1444&ck=1&ref=https://www.powr.io/social-feed/u/beb9af2c_1583413614&be=786&fe=1292&dc=1204&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1675323839038,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:60,%22rp%22:557,%22rpe%22:558,%22dl%22:562,%22di%22:1128,%22ds%22:1180,%22de%22:1204,%22dc%22:1291,%22l%22:1291,%22le%22:1293%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 516a128bb6000ca8154792678f4333fb
41d0257bea96afd36c6f3e40fcfdc9ca247f8e01
9fa62b52f24b87a40410fe842cb9be494abed114a2eac2eb406c8b4a4d372d10
GET /1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=1444&ck=1&ref=https://www.powr.io/social-feed/u/beb9af2c_1583413614&be=786&fe=1292&dc=1204&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1675323839038,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:60,%22rp%22:557,%22rpe%22:558,%22dl%22:562,%22di%22:1128,%22ds%22:1180,%22de%22:1204,%22dc%22:1291,%22l%22:1291,%22le%22:1293%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 07:43:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 79314bf6bcd4b4ed-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=bc9df7c5bfab1fe3; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.6 kB IP 142.250.74.131:0
Hash 5823db47635be8718e28f5057478e7ca
9cc2a14502fd3b3c005fa728e430a2a87517e6c1
26f2c0100a103775ed43b969d07a19d1366307d89ecd387fe1a31bf4cffb6ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/pathwaygothicone/v14/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/pathwaygothicone/v14/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7664, version 1.0\012- data
Hash ddb86a7e867f626554dab8539dcc5a3f
063a49f80334a98eed3aa66c60700f83feae7e4f
96bf4d70d0fcf69ce33ed735e720a716dab9a1232995a24882ec242323db467b
GET /s/pathwaygothicone/v14/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:09:52 GMT
expires: Sat, 27 Jan 2024 02:09:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:44:31 GMT
content-type: font/woff2
age: 538423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps-view-c96307bead7cda2aeb27.js
188.114.96.1200 OK 341 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps-view-c96307bead7cda2aeb27.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (7985)
Size 341 kB (340743 bytes)
Hash 77b76083f98b13a2431c3d8f5cefd0f8
a9cdee685f44a27e8b7ad96ed85736c118d852dd
f874e46c98ff12ab72df43e77069e36256f4153527fb15107071f2b8e5352c2e
GET /latest/assets/packs/apps-view-c96307bead7cda2aeb27.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1448495
etag: W/"a80d2fd82b16f302dbe8c75b97e24acb"
last-modified: Mon, 30 Jan 2023 16:43:15 GMT
x-amz-id-2: 8RtXZFiatTnc5SRQXIQKbtm/pncDRb7MZKIno9gqq79u3dd9wkeAhVFhmG+Om0uYl7MwN9y2u3s=
x-amz-request-id: Y9FKR5B3PWDGZ56Y
x-amz-version-id: QgXyU7SMPHeaTTgBV5q9M4quTCoeXrzF
cache-control: max-age=2073600
cf-cache-status: HIT
age: 2969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XebpXm7d%2BBGsVs8E7Jkd2gxcgmM5FCoqWwI2ZkW9plMlDF5KhIutjk6hQg1vku6K32ZWOxotJNL5MIjXZPVipxdcpQa0B3ivYANZDC%2B7ryBbLMN6vQLphgaM1xsBXkmLzkFkro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79314bf0eece0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\012- data
Hash 15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://public.powrcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:57:39 GMT
expires: Fri, 02 Feb 2024 00:57:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
content-type: font/woff2
age: 24356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
outlet.powr.io/social-feed?data%5B0%5D%5Btype%5D=twitter&data%5B0%5D%5Bfollowing%5D=mdlaw_cardiff&data%5B0%5D%5BfacebookFeedType%5D=&data%5B0%5D%5BfacebookPageId%5D=&data%5B0%5D%5BusernameOrHashtag%5D=%40&data%5B0%5D%5BpageName%5D=%40mdlaw_cardiff&data%5B0%5D%5BmaxPosts%5D=4&premium=pro&app_id=23210244&refreshRate=10800
172.67.5.146204 No Content 18 kB URL HTTP/2 outlet.powr.io/social-feed?data%5B0%5D%5Btype%5D=twitter&data%5B0%5D%5Bfollowing%5D=mdlaw_cardiff&data%5B0%5D%5BfacebookFeedType%5D=&data%5B0%5D%5BfacebookPageId%5D=&data%5B0%5D%5BusernameOrHashtag%5D=%40&data%5B0%5D%5BpageName%5D=%40mdlaw_cardiff&data%5B0%5D%5BmaxPosts%5D=4&premium=pro&app_id=23210244&refreshRate=10800
IP 172.67.5.146:0
Hash 7070a0f74b138ed803a9e7930c9dff60
41541a43d8dbb404968e396a93daff3ec61aadbe
b872b6de2cc29e7a54ef95e541613d4956743fa4846cbfaa12d82015fa00740b
OPTIONS /social-feed?data%5B0%5D%5Btype%5D=twitter&data%5B0%5D%5Bfollowing%5D=mdlaw_cardiff&data%5B0%5D%5BfacebookFeedType%5D=&data%5B0%5D%5BfacebookPageId%5D=&data%5B0%5D%5BusernameOrHashtag%5D=%40&data%5B0%5D%5BpageName%5D=%40mdlaw_cardiff&data%5B0%5D%5BmaxPosts%5D=4&premium=pro&app_id=23210244&refreshRate=10800 HTTP/1.1
Host: outlet.powr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-csrf-token
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 07:43:35 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: https://www.powr.io
vary: Origin, Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: x-csrf-token
via: 1.1 vegur
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79314bf79bfdb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f84e6dddacaac399ff7f0d27ba55919a
256136c50304aaa2ad4f2c2ccc9e8dcc4fb1f76a
53108989bc544b447c5e0fb0add5f25235575cd2b34744f0010cb59601685bab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135013
Date: Thu, 02 Feb 2023 07:43:36 GMT
Etag: "63dac376-1d7"
Expires: Fri, 03 Feb 2023 21:13:49 GMT
Last-Modified: Wed, 01 Feb 2023 19:54:30 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: In2DRPgmIEEJVAMQVGzYtg8f0uY2Te77ZW80Of1SOmrR8UW3E1gGzQ==
Age: 4759
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f84e6dddacaac399ff7f0d27ba55919a
256136c50304aaa2ad4f2c2ccc9e8dcc4fb1f76a
53108989bc544b447c5e0fb0add5f25235575cd2b34744f0010cb59601685bab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 07:43:36 GMT
Last-Modified: Thu, 02 Feb 2023 06:11:33 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hQ14tKks3x58ASEtCmJwHAs5joYJYuDCBqRdsJfN8Wit1_yOA0e9Kg==
Age: 5523
powr-counter.herokuapp.com/23210244
54.208.186.182200 OK 0 B URL HTTP/1.1 powr-counter.herokuapp.com/23210244
IP 54.208.186.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /23210244 HTTP/1.1
Host: powr-counter.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.powr.io/
Origin: https://www.powr.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Date: Thu, 02 Feb 2023 07:43:36 GMT
Connection: keep-alive
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.powr.io
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Access-Control-Expose-Headers:
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Transfer-Encoding: chunked
Via: 1.1 vegur
outlet.powr.io/social-feed?data%5B0%5D%5Btype%5D=twitter&data%5B0%5D%5Bfollowing%5D=mdlaw_cardiff&data%5B0%5D%5BfacebookFeedType%5D=&data%5B0%5D%5BfacebookPageId%5D=&data%5B0%5D%5BusernameOrHashtag%5D=%40&data%5B0%5D%5BpageName%5D=%40mdlaw_cardiff&data%5B0%5D%5BmaxPosts%5D=4&premium=pro&app_id=23210244&refreshRate=10800
172.67.5.146200 OK 12 kB URL HTTP/2 outlet.powr.io/social-feed?data%5B0%5D%5Btype%5D=twitter&data%5B0%5D%5Bfollowing%5D=mdlaw_cardiff&data%5B0%5D%5BfacebookFeedType%5D=&data%5B0%5D%5BfacebookPageId%5D=&data%5B0%5D%5BusernameOrHashtag%5D=%40&data%5B0%5D%5BpageName%5D=%40mdlaw_cardiff&data%5B0%5D%5BmaxPosts%5D=4&premium=pro&app_id=23210244&refreshRate=10800
IP 172.67.5.146:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (44878), with no line terminators
Hash cd274abe5d02d1d20df754059e8bfc9a
e29e0ed96d67d479bdf5b62a901df809c66c0687
ed9829233ff4927dc65c162e22e9293866a84e2a31a4d969923562795f037553
GET /social-feed?data%5B0%5D%5Btype%5D=twitter&data%5B0%5D%5Bfollowing%5D=mdlaw_cardiff&data%5B0%5D%5BfacebookFeedType%5D=&data%5B0%5D%5BfacebookPageId%5D=&data%5B0%5D%5BusernameOrHashtag%5D=%40&data%5B0%5D%5BpageName%5D=%40mdlaw_cardiff&data%5B0%5D%5BmaxPosts%5D=4&premium=pro&app_id=23210244&refreshRate=10800 HTTP/1.1
Host: outlet.powr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: Cgm_zf2Hyl0dpLIABB19KqfGVFEhQ8q8g4ab-4WqD7ssC2xruACI_wib6gPPESJOJe3tbfOhu-J8V5hAZkum3Q
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://www.powr.io
vary: Origin
cache-control: public, max-age=3600
via: 1.1 vegur
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79314bf9dfe3b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video.twimg.com/ext_tw_video/1526483883642036224/pu/vid/322x270/L3lLyFFyfOOexbpI.mp4?tag=12
192.229.220.133206 Partial Content 133 kB URL HTTP/2 video.twimg.com/ext_tw_video/1526483883642036224/pu/vid/322x270/L3lLyFFyfOOexbpI.mp4?tag=12
IP 192.229.220.133:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 133 kB (132934 bytes)
Hash b5431ecb0c61d9ac149070c76ac9ad87
19ab3aa8fa26bcbcec059458cc6a56357a0bf4e5
90d2f4b89d8001a981f6d81544aa89206f962b2a32786c0aab8b5c67a912a919
GET /ext_tw_video/1526483883642036224/pu/vid/322x270/L3lLyFFyfOOexbpI.mp4?tag=12 HTTP/1.1
Host: video.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 553532
cache-control: max-age=604800, must-revalidate
content-range: bytes 0-132933/132934
content-type: video/mp4
date: Thu, 02 Feb 2023 07:43:36 GMT
last-modified: Tue, 17 May 2022 08:42:53 GMT
perf: 7626143928
server: ECAcc (ska/F696)
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
surrogate-key: ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1526483883642036224
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: HIT
x-connection-hash: 3596ebee9e70b273c9710c6c4e5b005143fcc5edee6c75b8cf5a71e286fa12d9
x-content-type-options: nosniff
x-response-time: 85
x-transaction-id: 81db646d7adc0656
x-tw-cdn: VZ, VZ
content-length: 132934
X-Firefox-Spdy: h2
video.twimg.com/ext_tw_video/1518853504579870720/pu/vid/428x360/oD3Gdb499npN3wrK.mp4?tag=12
192.229.220.133206 Partial Content 98 kB URL HTTP/2 video.twimg.com/ext_tw_video/1518853504579870720/pu/vid/428x360/oD3Gdb499npN3wrK.mp4?tag=12
IP 192.229.220.133:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Hash a6419a6fedc69da221cb5d6f02db40f8
ecd97e36fe7dac9e048cfeb29f4ea8a2a448b42a
7605013b42185404ff0b6ba13e33231c6674673ee4a5616d0261ae22df766cc7
GET /ext_tw_video/1518853504579870720/pu/vid/428x360/oD3Gdb499npN3wrK.mp4?tag=12 HTTP/1.1
Host: video.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 494542
cache-control: max-age=604800, must-revalidate
content-range: bytes 0-97521/97522
content-type: video/mp4
date: Thu, 02 Feb 2023 07:43:36 GMT
last-modified: Tue, 26 Apr 2022 07:22:29 GMT
perf: 7626143928
server: ECAcc (ska/F6D0)
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
surrogate-key: ext_tw_video ext_tw_video/bucket/7 ext_tw_video/1518853504579870720
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: HIT
x-connection-hash: b8c6da43689bfebfafc657667f3b257222474b6b12314ed957eb38be8c0ef39b
x-content-type-options: nosniff
x-response-time: 82
x-transaction-id: 4e142ae6dae9d050
x-tw-cdn: VZ, VZ, VZ
content-length: 97522
X-Firefox-Spdy: h2
video.twimg.com/ext_tw_video/1515967828641431555/pu/vid/858x720/uykVX34DbyKNoPH0.mp4?tag=12
192.229.220.133206 Partial Content 463 kB URL HTTP/2 video.twimg.com/ext_tw_video/1515967828641431555/pu/vid/858x720/uykVX34DbyKNoPH0.mp4?tag=12
IP 192.229.220.133:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 463 kB (463090 bytes)
Hash 54056fb29d16170781ace23e7886ad54
fbdca622ce27c5e11bd5b03cbd5afb147890b793
7a843914f909c4f26c9695cd79e60172ae4292115d38a535363b64b8b33b743c
GET /ext_tw_video/1515967828641431555/pu/vid/858x720/uykVX34DbyKNoPH0.mp4?tag=12 HTTP/1.1
Host: video.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 553532
cache-control: max-age=604800, must-revalidate
content-range: bytes 0-463089/463090
content-type: video/mp4
date: Thu, 02 Feb 2023 07:43:36 GMT
last-modified: Mon, 18 Apr 2022 08:15:50 GMT
perf: 7626143928
server: ECAcc (ska/F759)
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
surrogate-key: ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1515967828641431555
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-cache: HIT
x-connection-hash: 32237fd782b43a88c10da30f5b7eaf0df2898560bb75ec1de4d5898d3942b2c3
x-content-type-options: nosniff
x-response-time: 101
x-transaction-id: 8368b62cf051073a
x-tw-cdn: VZ, VZ
content-length: 463090
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-86251018-1&cid=1382927142.1675323842&jid=1788213282&gjid=1512449107&_gid=2065334276.1675323842&_u=IEBAAEAAAAAAACAAICB~&z=143621280
64.233.162.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-86251018-1&cid=1382927142.1675323842&jid=1788213282&gjid=1512449107&_gid=2065334276.1675323842&_u=IEBAAEAAAAAAACAAICB~&z=143621280
IP 64.233.162.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-86251018-1&cid=1382927142.1675323842&jid=1788213282&gjid=1512449107&_gid=2065334276.1675323842&_u=IEBAAEAAAAAAACAAICB~&z=143621280 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.powr.io
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 07:43:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 07:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-799c4152677f8b712c94.css
188.114.96.1200 OK 112 kB URL HTTP/2 public.powrcdn.com/latest/assets/packs/style_packs/ie9-overrides-799c4152677f8b712c94.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 112 kB (111906 bytes)
Hash af4281be25f8f05473073134334c6bcc
153095639a884df345b3ebc6bd3f6095a402ef7e
5c7b3d9c4b3c0e60ffa5175daaa9221c506075e18a8922d90f1540b0b0901cc5
GET /latest/assets/packs/style_packs/ie9-overrides-799c4152677f8b712c94.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=97779
etag: W/"8569d08b93b65be6f73bca7e48e87a62"
last-modified: Thu, 26 Jan 2023 16:32:56 GMT
x-amz-id-2: eg9Eg5AXORkLTb+krRUMZQSYrT2xR/MNK+iMjQRFRTM8Xh12PJMhAIAFKNVCqXlAWc2DztaSrGk=
x-amz-request-id: HM0NS95MTJZZ8XNQ
x-amz-version-id: 5lUiGpMSNuzXDZsfxkskNataAGzF.pOK
cache-control: max-age=2073600
cf-cache-status: HIT
age: 3203
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fu7RYhr5firCnN97ShDjJndTBP%2FFFcEa%2B4uCTM13Eh5iv0DMP36DvgIpnj6sw4BmaR%2Bi48b10gjfRGxU1tifd%2BEO3arG8WVHpjVX4Wwb%2F%2BhI1TKQ0N4BbWQX%2FI2W2133LPwfWiA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79314bf0dec40b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
IP 34.120.237.76:0
Hash 8bb5aac43e1b64a11100aacbe6ee2d5a
fde6f524cb2c0e878f4dd6dae764499551941781
f82c390d75e18740a6e375363cb2875175bf834d83e8dda08e28a0f56a1e2cd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8944
x-amzn-requestid: 07495184-ede8-485c-94e8-5302ec348ea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freiLHRPoAMFYbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade0d-275437a54eceb40e302a7f55;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: e0zaXjoBKOmsY4fPEbl1SWCBxetMssmszZug0-epLq-X5rGb5zKHZw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:36 GMT
age: 35043
etag: "e3bb3d4950f7c0267f4476eef21872da332831aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700
IP 142.250.74.106:0
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 07:43:32 GMT
date: Thu, 02 Feb 2023 07:43:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
188.114.96.1200 OK 0 B URL HTTP/2 public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
IP 188.114.96.1:0
GET /fonts/gordita/gordita-regular-webfont-woff.woff HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powr.io
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: application/font-woff
x-amz-id-2: t10sQm9A3jU/kuAJD12HUUl9s79V8O++OqAzm+6ER9LDBRmwbKxE+081Gj1ph+ud6lu5LydnmOY=
x-amz-request-id: C0F9MF1N5NH4TFKX
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 31 May 2021 12:44:51 GMT
x-amz-version-id: hx7AXNg7K1e1RTazyN_0DpBGtio5OElw
etag: W/"951cf61fb8b08593af1d6466359e32fe"
cache-control: max-age=2073600
cf-cache-status: HIT
age: 4159
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpvMuXVpaFTdLX1ScExk61WLYf34aGB6n8ogZnzKp2apWzlrgY9F%2BeBxfZ15huv%2Fr5gM5P9Fz7Sme6HJ2XvJZhfKq3Rak8x2072lmpb8qiOo4UTvM9WAFnZi8xSp4%2F7EOoe5GRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79314bf0dfd4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.powrcdn.com/images/svgs/logo/powr-logo.svg
104.21.43.36200 OK 0 B URL HTTP/2 www.powrcdn.com/images/svgs/logo/powr-logo.svg
IP 104.21.43.36:0
GET /images/svgs/logo/powr-logo.svg HTTP/1.1
Host: www.powrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:35 GMT
content-type: image/svg+xml
x-amz-id-2: 6jsdeM2E7FHg6qHUvZOE+mBye6vj7X0K5mtQK2Suht5NuUZh2N/anN8f/VSXKM7BSMGxivn+IA8=
x-amz-request-id: X4DASWGHWX93NRYM
last-modified: Fri, 26 Mar 2021 06:20:16 GMT
x-amz-version-id: tPOfPRlwyUlA2MMIF2d70UQ32pgiXz8o
etag: W/"237728599b40c05c7dcbe278e72918f3"
cache-control: max-age=2073600
cf-cache-status: HIT
age: 818790
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPqjmoCU%2B1QSNMTyD1ko4272k3yee4Qh49fHpgUTmyvFyLpBSOVPV2Hhaj%2FAjo9EakIAeditjp9aDpWNhwc2%2F7M8cyOf1oKqJh9GFjb030r43QQKrLi7Gw2wo%2BvZvoc6wH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79314bf71e1db529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps/socialFeed-28ade40b3a104b478f00.js
188.114.96.1200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/socialFeed-28ade40b3a104b478f00.js
IP 188.114.96.1:0
GET /latest/assets/packs/apps/socialFeed-28ade40b3a104b478f00.js HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2758685
etag: W/"b6533bdda23e38bf9f610e35443038fd"
last-modified: Mon, 30 Jan 2023 16:43:15 GMT
x-amz-id-2: jZSu7yQpkxlg/RiBFGR+Vs2GVAZHyUTgRG/8GBW+Za0O+ZB9eqlpfmfqfXBJh+7qpIJ2GZuaIaE=
x-amz-request-id: F0KEJK692KETG9PY
x-amz-version-id: bhK5Mho3EZgK2woSh_Q8K9grO4X6HjQh
cache-control: max-age=2073600
cf-cache-status: HIT
age: 1945
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noGw8OPPY%2B2NTN%2FQqQHyl%2FArsO0Ox6SBcRY6NQma6bzOPtGAPfs8dNycXa7o86%2B3qOlEdOd6dzhHiV9SGRbNTue83kcYR4sd%2F9Z5gTquEQwIlFX4Nna6NaAvvLzsFfVHXU1hliw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79314bf0debb0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.powrcdn.com/latest/assets/packs/apps/views/socialFeed-8201c40d934d775b801b.css
188.114.96.1200 OK 0 B URL HTTP/2 public.powrcdn.com/latest/assets/packs/apps/views/socialFeed-8201c40d934d775b801b.css
IP 188.114.96.1:0
GET /latest/assets/packs/apps/views/socialFeed-8201c40d934d775b801b.css HTTP/1.1
Host: public.powrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=288687
etag: W/"7a2661cc4386ae32522acce3802d66ed"
last-modified: Fri, 27 Jan 2023 21:33:20 GMT
x-amz-id-2: xOyOG/1w1zjAcvFcd76X1toWpJCiQxmqvc94lWkN6e4wERPHva8F2guxjdjuaubjbljuZkqT94c=
x-amz-request-id: GCXQSDZCB4VAJWW1
x-amz-version-id: 9EhHTncrywGj9LS_TJU1Pj16DT71pYXZ
cache-control: max-age=2073600
cf-cache-status: HIT
age: 5814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLMCUAZ06jgNfFx0qhrKDYoXs2%2B5Ciel%2BfX%2B%2BK88MKjZIX2ICAHE5c2cYEIhEfMHN4IdhQHC4m0apNf0pwvKDGP9AS86vH2pka%2F%2FZbrDiSgg1c%2FVt0V87W8%2FgiplOiI1CoEW%2BBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79314bf0eed00b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
216.58.207.206200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.207.206:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 02 Feb 2023 07:43:35 GMT
date: Thu, 02 Feb 2023 07:43:35 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=EbhVTtn1qPQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=3TYReQxDawQ; Domain=.youtube.com; Expires=Tue, 01-Aug-2023 07:43:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TlRRMk1EazVOVGd5TVRjek1qVTFNQT09EKfT7Z4GGKfT7Z4G; Domain=.youtube.com; Expires=Tue, 01-Aug-2023 07:43:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+621; expires=Sat, 01-Feb-2025 07:43:35 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.yoshki.com/iframe/55851r.html
8.247.219.122200 OK 0 B URL HTTP/2 cdn.yoshki.com/iframe/55851r.html
IP 8.247.219.122:0
GET /iframe/55851r.html HTTP/1.1
Host: cdn.yoshki.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mdlaw-cardiff.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:33 GMT
content-type: text/html
last-modified: Tue, 30 Apr 2019 14:31:51 GMT
server: Microsoft-IIS/10.0
vary: accept-encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-powered-by: ASP.NET
content-encoding: gzip
etag: W/"e7f2bc7361ffd41:0"
age: 0
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
IP 104.18.11.207:0
GET /bootstrap/3.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powr.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 07:43:34 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 11/04/2021 22:40:16
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.0
cdn-requestid: a0669b23f8a3a4d2d54e12d18ef5c3e0
cdn-cache: HIT
cf-cache-status: HIT
age: 27541725
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79314bf0dd7db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2