Overview

URLthirsty.agency/
IP 151.101.194.159 (United States)
ASN#54113 FASTLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 13:24:09 UTC
StatusLoading report..
IDS alerts0
Blocklist alert25
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.74.230
unpkg.com (2) 11693 2016-01-07 23:26:01 UTC 2022-11-30 04:08:09 UTC 104.16.123.175
thirsty.agency (36) 0 2016-01-23 08:20:05 UTC 2022-11-30 11:55:15 UTC 151.101.194.159 Unknown ranking
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-30 05:03:07 UTC 142.250.74.110
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-30 04:53:34 UTC 142.250.74.168
cdnjs.cloudflare.com (2) 235 2015-04-17 20:46:33 UTC 2022-11-30 04:07:56 UTC 104.17.25.14
ajew8ag5yp-flywheel.netdna-ssl.com (3) 0 2018-08-06 12:19:36 UTC 2019-05-22 01:28:00 UTC 108.161.188.132 Domain (netdna-ssl.com) ranked at: 6636
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 thirsty.agency/ Phishing
2022-11-30 2 thirsty.agency/ Phishing
2022-11-30 2 thirsty.agency/wp-content/plugins/loftloader-pro/assets/css/loftloader.min. (...) Phishing
2022-11-30 2 thirsty.agency/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Phishing
2022-11-30 2 thirsty.agency/wp-content/plugins/the-grid/frontend/assets/css/the-grid.min (...) Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/custom-fonts.js Phishing
2022-11-30 2 thirsty.agency/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-11-30 2 thirsty.agency/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSli (...) Phishing
2022-11-30 2 thirsty.agency/wp-content/uploads/2020/09/t-dot-white.svg Phishing
2022-11-30 2 thirsty.agency/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/vendor/flickity.pkgd.min.js Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/vendor/isotope.pkgd.min.js Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/vendor/jquery.fancybox.pack.js Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/vendor/lazysizes.min.js Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/vendor/packery-mode.pkgd.min.js Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/vendor/hammer.min.js Phishing
2022-11-30 2 thirsty.agency/wp-content/uploads/2020/09/full-white.svg Phishing
2022-11-30 2 thirsty.agency/wp-content/plugins/loftloader-pro/assets/js/loftloader.min.j (...) Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty/js/main-build.js Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty-child/js/demo.js Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty-child/fonts/Albra-Black.woff2 Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty-child/fonts/Pragmatica.woff2 Phishing
2022-11-30 2 thirsty.agency/wp-content/themes/thirsty-child/fonts/MADE%20Outer%20Sans%20 (...) Phishing
2022-11-30 2 thirsty.agency/false Phishing
2022-11-30 2 thirsty.agency/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSli (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 151.101.194.159
Date UQ / IDS / BL URL IP
2023-02-06 09:10:47 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159
2023-02-06 08:41:18 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159
2023-02-06 08:40:26 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159
2023-02-06 05:20:37 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159
2023-02-06 05:04:59 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159


Last 5 reports on ASN: FASTLY
Date UQ / IDS / BL URL IP
2023-02-06 18:58:44 +0000 0 - 0 - 2 jonchris00011.firebaseapp.com/ 199.36.158.100
2023-02-06 18:23:39 +0000 3 - 1 - 35 dev-homeelectronicaitau-py.pantheonsite.io/ 23.185.0.2
2023-02-06 18:04:26 +0000 0 - 2 - 0 unfpa.org/webdav/site/global/shared/documents (...) 23.185.0.3
2023-02-06 17:24:47 +0000 0 - 0 - 1 raw.githubusercontent.com/rxflxction/rubeus/m (...) 185.199.108.133
2023-02-06 17:24:08 +0000 0 - 0 - 1 raw.githubusercontent.com/Chelloxy/Do-not-Try (...) 185.199.110.133


Last 3 reports on domain: thirsty.agency
Date UQ / IDS / BL URL IP
2022-12-01 08:26:07 +0000 0 - 0 - 23 thirsty.agency/ 151.101.194.159
2022-11-30 13:24:09 +0000 0 - 0 - 25 thirsty.agency/ 151.101.194.159
2022-11-30 13:23:50 +0000 0 - 0 - 27 thirsty.agency/ 151.101.194.159


No other reports with similar screenshot

JavaScript

Executed Scripts (37)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (69)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         151.101.194.159
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Connection: keep-alive
Content-Length: 162
Location: https://thirsty.agency/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: ri0siomphr
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 13:23:58 GMT
X-Served-By: cache-bma1674-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1669814638.429037,VS0,VE2
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18314
Expires: Wed, 30 Nov 2022 18:29:12 GMT
Date: Wed, 30 Nov 2022 13:23:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=168564
Date: Wed, 30 Nov 2022 13:23:58 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:13:22 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 13:19:41 GMT
cache-control: public,max-age=3600
age: 257
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5721
Expires: Wed, 30 Nov 2022 14:59:19 GMT
Date: Wed, 30 Nov 2022 13:23:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: HSiL06uxjYKxUVq2F2azUB0vg6igRkg3mSOLEKHs2ZtNN2DcISusGU+IWKENGvujg2gOJzIVdac=
x-amz-request-id: Q47MMNNY82SS25HF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 12:45:14 GMT
age: 2324
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 13:23:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FFD84AD52553414FE9575F4E33AB1F7463251C31692594983D2ADE47392545DD"
Last-Modified: Wed, 30 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 30 Nov 2022 19:23:58 GMT
Date: Wed, 30 Nov 2022 13:23:58 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 13:08:56 GMT
cache-control: public,max-age=3600
age: 903
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache, must-revalidate, max-age=0
link: <https://thirsty.agency/wp-json/>; rel="https://api.w.org/", <https://thirsty.agency/wp-json/wp/v2/pages/8327>; rel="alternate"; type="application/json", <https://thirsty.agency/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669814639.889018,VS0,VE364
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 18445
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Size:   18445
Md5:    c97f7752c1625c2da277e62f27c59c51
Sha1:   c0b621986711f614fd7830535d0446104fa031f2
Sha256: 895e201c33aacdde9e0f7565178e4c300c7410900de5dde5cc432c40721168ef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/loftloader-pro/assets/css/loftloader.min.css?ver=2020081201 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 01 Aug 2022 02:22:17 GMT
etag: W/"62e738d9-fbba"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.461420,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8022
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64442), with no line terminators
Size:   8022
Md5:    a5e4528e72ebeb0f443240c8c1b1900d
Sha1:   42e66cdea9e2f2918b72a11a476357394ed44c17
Sha256: bcd12cb5379379131c5cb55183f80a5584e1616e23ab1363fbad179ec19f97da

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-172a9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.462044,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14912
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   14912
Md5:    494d5da4270464f0f04720e2d2274891
Sha1:   aa632853200ab33d1ac163033782a89b35ab74a5
Sha256: 4db474d81bc40165336350d9d3de98277cc7c49aa4d9096d451255749e99595b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-d9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.462491,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 189
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   189
Md5:    5a18e16eb01cbaa862eb32e6b77bedb2
Sha1:   3abf9b913cc9f558f02cba7c9b822f8d1812cb96
Sha256: d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
                                        
                                            GET /wp-content/themes/thirsty-child/style.css?ver=1.1.8 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 15 Aug 2022 19:43:30 GMT
etag: W/"62faa1e2-515e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.463756,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4386
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3048)
Size:   4386
Md5:    f4a12fcec416b7088ef6e8778dcb4f7d
Sha1:   0c33ebecf7193bc7aeeddb6e22c90c4d35598213
Sha256: 3d6c0a788d5f238269903fd6713619ffba7f6d2609b2e6621c7c99995b12cbf3
                                        
                                            GET /wp-content/themes/thirsty/style.css?ver=6.1.1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 01 Aug 2022 02:22:45 GMT
etag: W/"62e738f5-57906"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.463293,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 64794
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1357)
Size:   64794
Md5:    cc4b190eb093f30cf99de4d1cce40f77
Sha1:   f650d25bb7e6fbc2e128230f2e676f2a87c462a0
Sha256: 738f4d79e9c7208097be39de30b45aea67ba9cea9bc61a532cf3b03bed91a67e
                                        
                                            GET /wp-content/themes/thirsty-child/style.css?ver=6.1.1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 15 Aug 2022 19:43:30 GMT
etag: W/"62faa1e2-515e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.465268,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4386
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3048)
Size:   4386
Md5:    f4a12fcec416b7088ef6e8778dcb4f7d
Sha1:   0c33ebecf7193bc7aeeddb6e22c90c4d35598213
Sha256: 3d6c0a788d5f238269903fd6713619ffba7f6d2609b2e6621c7c99995b12cbf3
                                        
                                            GET /wp-content/plugins/the-grid/frontend/assets/css/the-grid.min.css?ver=2.7.9.1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 01 Aug 2022 02:22:27 GMT
etag: W/"62e738e3-ab5a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.466647,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8701
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43866), with no line terminators
Size:   8701
Md5:    5fee19ec75ac9dde2cac5dee80028748
Sha1:   357b5da0584fe3ae090df9fa7b5d13db13910f16
Sha256: b3f9250126439ee6f6e52d33cf2acce2c510393b3865adadcea7a8cb4cee7dfa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty-child/fonts/fonts.css?ver=6.1.1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 01 Aug 2022 02:22:45 GMT
etag: W/"62e738f5-13b3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.465913,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 625
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   625
Md5:    8ef9f7a763a99e2ad6672ad6e6c0e044
Sha1:   85f377280b1ff0b7de38eb2869e4fa30086e5988
Sha256: 666f6cf3484963924ecfc7fbbb41311c33cb2a360e30e09972f5aee2979dd79f
                                        
                                            GET /wp-content/themes/thirsty/js/custom-fonts.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-2f2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.471157,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 308
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   308
Md5:    98731c3f32f42a00a12af7e99f4ee2f0
Sha1:   5b96ed2ce0be267b430bba596d9d629ba1f02da6
Sha256: 208bca7e516355181eea23b5a9bcb6280ce5931702bda89ae4ea3959c6b3d473

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-15e54"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.471264,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34161
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   34161
Md5:    0f9984c60ff89c58395cad7c309f7baf
Sha1:   5f44ff87ee19e1427a7dfcfb079ab88273e2af1f
Sha256: 0dddffc97ab66c2cf2dd615f7f6ca217b8f8eadaa4e8224c2c7d4447878444e7
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.471237,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4405
Md5:    24957bc8161f979c6e661f46fdc3974f
Sha1:   fa1237ffe8b3745baa78ac481239038e133fcc17
Sha256: 46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6116
Cache-Control: max-age=163488
Date: Wed, 30 Nov 2022 13:23:59 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:48:47 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/nextend-gsap.min.js?ver=a96b01e9 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:16 GMT
etag: W/"62e738d8-184cb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.471998,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 37922
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   37922
Md5:    76d9730df0b9149e166f50e9aeeb0329
Sha1:   2f343b7a25694127c8b45395b324291cda407e3e
Sha256: a06e11a9034354f2d8f535519a90e6d33cb612adbdea6169e07f85690899e89b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2020/09/t-dot-white.svg HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Mon, 01 Aug 2022 02:22:57 GMT
etag: W/"62e73901-458"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.475232,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 535
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Size:   535
Md5:    945e729213a8c2c477022356225e03c9
Sha1:   187c20fd01e79c68df6d826f56ca65a0f39c8ea6
Sha256: 7169fb25258bfcd4c0f4b40a08b1cf8179e01110429bd3fa4b374772dd65a1c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-15fd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.476413,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1946
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1946
Md5:    fcf12c7d3f5778470877aff26bdb3040
Sha1:   b8cc6b30eb49ef014651e6f22e4a33b74a3fde1e
Sha256: 2b6a1c6d97acd8b8f1460d8e4acbac8f911aa950c482ab794888f40c63fb2d6f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/Flowtype.js/1.1.0/flowtype.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 30 Nov 2022 13:23:59 GMT
content-length: 202
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cee-184"
last-modified: Mon, 04 May 2020 16:03:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15260632
expires: Mon, 20 Nov 2023 13:23:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFu4KcxraTpsXXKfdgP1UaDkZli8ossLLSrzfGjkfKsAgHk18gUtV4w7z3I%2F9FYUFAvAuzzIO%2BZRvOK0CS0yenaXtQMjG8dM7IdEaRTYiq%2F%2FT9P7PEKCYirvpXfyq4WuKVlHKIPK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7723e699587bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (388), with no line terminators
Size:   202
Md5:    ca4204899eafbc313e7fa63d80208eee
Sha1:   2ed2a146a2ff1642eab25086d37621a2835444eb
Sha256: ca56ab758207e7658ad1bdb2ab320d0411052d4b5ab3f9125f9a408f114c0685
                                        
                                            GET /wp-content/themes/thirsty/js/vendor/flickity.pkgd.min.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-d7c9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.476519,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 15688
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32020)
Size:   15688
Md5:    a6d07891867bf514c60ec8a62b37bec9
Sha1:   b2976119f17e469e869c0cf94446eab89e63b01d
Sha256: 4dd972150875fdf5505c2105e44ce72a2f517191bbd2f51e260e952e097c896c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty/js/vendor/isotope.pkgd.min.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-8a75"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.476679,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 10930
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019)
Size:   10930
Md5:    4b2f760bebb24a292e7e0c45fd5e65ee
Sha1:   05d124f4ac49b475a0d8409324e3cbf7579b8144
Sha256: f5333b88b9f08cca909b344b34019fa0dd311a3feb8da5fd8709737286eeb25e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty/js/vendor/jquery.fancybox.pack.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-b1ce"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.476888,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 16175
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (32085)
Size:   16175
Md5:    c31bd4b6121be5c94cf841faba06b803
Sha1:   1343d4321a62cbd9d694c16177728550159543c3
Sha256: b2ec5bf6f7d484f8f04a77b469cab206bd57d6e33b2ca34b0a3d89461fe39e61

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty/js/vendor/lazysizes.min.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-30d4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.477631,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5478
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6649)
Size:   5478
Md5:    d44e44b9dff05e059732bf535b4750c2
Sha1:   7db7d3f581ce53c9e3ccfc91951356eb96771527
Sha256: 9d95d8e4955609eb0613afe7d7aaa53f266558a8cb83b9eb16d3e03527f4985c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/gsap/3.5.1/gsap.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 30 Nov 2022 13:23:59 GMT
content-length: 21845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f46ecc0-eeae"
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9743515
expires: Mon, 20 Nov 2023 13:23:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbSB4FbnY5Qy4woV8MV%2Fj6m8Tdlek6ceS4zRtK7ZwslJkPH1Qgp%2BVFfQUTa7W8GhAb4WYd4xcL35%2BDo4cUuRr%2FMVs0FftpM5FJgf7T1uYp%2B1UkpZSGcpeibKmgUdAffPgnhYbDFk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7723e6996890b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (60805)
Size:   21845
Md5:    3a9ac5b693abccb6ff1f7cbc1cdb3e7a
Sha1:   f3d0b8e789ff9600708834a210e90ad51cceb4dd
Sha256: ebb6e07ed703530e814c3288cb93b60da2a03a040edef85edc88789cc175aac2
                                        
                                            GET /wp-content/themes/thirsty/js/vendor/packery-mode.pkgd.min.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-3539"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.478418,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4459
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13554)
Size:   4459
Md5:    d93e0482f807bc7435077fb21dad74ac
Sha1:   51744b3c2ecffe93772c4db6add968e6f6b9dc8d
Sha256: 4906d9e7c0239ed962c7fa8a66f4ac1492b032904e4421f1476bc58f0664eda3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty/js/vendor/hammer.min.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-54d3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.479302,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8163
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20581)
Size:   8163
Md5:    6131286c1113467547de88af990ce62f
Sha1:   c956b3adbbcb7a630314b55d874f55ae54611d2a
Sha256: 074cf3c5ba6bc9c1bf15f21ea214bacb12ac76b6cd5fab8938e0fa865800c6d2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6160
Cache-Control: max-age=98025
Date: Wed, 30 Nov 2022 13:23:59 GMT
Etag: "63861d48-117"
Expires: Thu, 01 Dec 2022 16:37:44 GMT
Last-Modified: Tue, 29 Nov 2022 14:55:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /wp-content/uploads/2020/09/full-white.svg HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Mon, 01 Aug 2022 02:22:55 GMT
etag: W/"62e738ff-d33"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.474326,VS0,VE7
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 1326
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (965)
Size:   1326
Md5:    eea1122da7d3314b63424d7634d54b21
Sha1:   f7cb7be2d0b1f934daef920cff09a5da71d492c1
Sha256: 4ac38760e62939c631cd535925dc2a875c98f1be44aa0c7bedd08dc3105fd5a7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/loftloader-pro/assets/js/loftloader.min.js?ver=2020081201 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:17 GMT
etag: W/"62e738d9-3047"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.488054,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3690
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12359), with no line terminators
Size:   3690
Md5:    2d347de762dba86edf6bfde7a4746965
Sha1:   f5a0e0113e18bb7a15ac15a71adc88152549b3ea
Sha256: c786db1a80abf099e90c990975d0ee2b11e8610d062c8463703cfb72b1393e90

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty/js/main-build.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:48 GMT
etag: W/"62e738f8-18c8d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.488090,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 28805
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2659)
Size:   28805
Md5:    1cfe7cef70ec39d2f31abf9937cb3f70
Sha1:   96f3dd5fedaed45e8435e3a5687ce92b0a07f910
Sha256: 98f96c6a65fbcf8171ea40130d8fa767e3fc82e92c2747b4615edc43a369b7b0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty-child/js/demo.js HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:45 GMT
etag: W/"62e738f5-4e4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.506155,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 602
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   602
Md5:    aa80f43d1ac01ba1c28283921e152d2a
Sha1:   778f10f847aa4334b4e94fe5463745b075e14d7b
Sha256: e8d7f802a82ac509b48e7760013176dae5dd844d090cce55d3683cf979da8aed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 13:23:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/the-grid/frontend/assets/js/the-grid.min.js?ver=2.7.9.1 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:27 GMT
etag: W/"62e738e3-17c78"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.506065,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 32042
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65388), with CRLF line terminators
Size:   32042
Md5:    112734f4873861d012d66c6a20509138
Sha1:   e895a91ba02c1a0727795bc0510b7dc9cdecd9b1
Sha256: 8ee86d22170fde566d0deb159842eb7889e9ddb2b3404fdc82dce652074d8a8b
                                        
                                            GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-43ba"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.502945,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6927
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15446)
Size:   6927
Md5:    4b3e098f506bd234c9da6fddadf83710
Sha1:   83a01a47bfc26c142c98543b892a4ea91767eadd
Sha256: 64e46fc3c0ea1d811d1f95b7ac5244bfa1640af11f77350c1b3c032d148848c4
                                        
                                            GET /gtag/js?id=UA-76423917-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 13:23:59 GMT
expires: Wed, 30 Nov 2022 13:23:59 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43549
Md5:    e8085e2d998eb7e8d1a718635d4fcab3
Sha1:   16f0516b36c22fd596b612eb20ae2aaadd7caeb5
Sha256: ee0de8885eae44441d76074affb1a279a46ef0bb935db02dd4dc6c12ab81d525
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 13:23:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/thirsty-child/fonts/Albra-Black.woff2 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://thirsty.agency/wp-content/themes/thirsty-child/fonts/fonts.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/octet-stream
                                        
last-modified: Mon, 01 Aug 2022 02:22:44 GMT
etag: "62e738f4-5d8c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.811093,VS0,VE1
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23948
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23948, version 1.66\012- data
Size:   23948
Md5:    db8bfe867147bb073facc50b9d4e5c57
Sha1:   7e6c68034ede885f3597246bfff5e2fdbf6c7689
Sha256: 64361a871d02edd3b3798bcb67f7f3f29896e1c102692cb31f053e38628fc335

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty-child/fonts/Pragmatica.woff2 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://thirsty.agency/wp-content/themes/thirsty-child/fonts/fonts.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/octet-stream
                                        
last-modified: Mon, 01 Aug 2022 02:22:44 GMT
etag: "62e738f4-4620"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.810238,VS0,VE2
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 17952
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17952, version 1.0\012- data
Size:   17952
Md5:    895ea343bd6b5189fe6cea687ecf1a9c
Sha1:   0601fc2e1ac58b81a4246a2b13b6930b1445b3b8
Sha256: b07d0b691109a512e4165829403a0c73a7a792240323e6bee7a5cc668f20c82b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty-child/fonts/MADE%20Outer%20Sans%20Black.woff2 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://thirsty.agency/wp-content/themes/thirsty-child/fonts/fonts.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/octet-stream
                                        
last-modified: Mon, 01 Aug 2022 02:22:44 GMT
etag: "62e738f4-31b8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.807002,VS0,VE6
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12728
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12728, version 1.0\012- data
Size:   12728
Md5:    751c3a1d4e31a72978a1cd21926b4d66
Sha1:   0891a384d5f7bca744788da820df64477d080779
Sha256: 96fc7d51e98224ad5d62bc201b91a639d1be87b640b249ebac250263143873e2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UJTty41IZvmS4QBNQMw7/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.42.74.230
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T2lcIHf9fRV67ud3w2pp+vc58kQ=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 13:23:59 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 09:12:44 GMT
Expires: Sun, 04 Dec 2022 09:12:43 GMT
Etag: "bed94e880c8a0f621df2165d97d9081fb646b15d"
Cache-Control: max-age=329923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7723e69a2af4b515-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 13:23:59 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 09:12:44 GMT
Expires: Sun, 04 Dec 2022 09:12:43 GMT
Etag: "bed94e880c8a0f621df2165d97d9081fb646b15d"
Cache-Control: max-age=329923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7723e69a289a1bfe-OSL

                                        
                                            GET /false HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache, must-revalidate, max-age=0
link: <https://thirsty.agency/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ri0siomphr
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:24:00 GMT
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669814640.804965,VS0,VE281
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 12061
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size:   12061
Md5:    811b355c87981b39d719fa8958f818e3
Sha1:   f9047a3ff28e7fbcc7b52bd6fff38c65d1e22dbf
Sha256: 3830dae4165d84bc00ef88de334fd03e15348d11f27b7a18db17ab2afeec9670

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/thirsty-child/toasty/toasty.css HTTP/1.1 
Host: ajew8ag5yp-flywheel.netdna-ssl.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         108.161.188.132
HTTP/2 502 Bad Gateway
content-type: text/html
                                        
date: Wed, 30 Nov 2022 13:24:00 GMT
content-length: 166
server: NetDNA-cache/2.2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   166
Md5:    261b1f079fa0a5c0c32d181e43440c05
Sha1:   300ee04911225728b015abd82d7ca5f43f999b79
Sha256: c79255f6cb550eaa07d6e90d859b8c1abe81658115ae8175e74b67ac22c7ed87
                                        
                                            GET /imagesloaded@4.1.4/imagesloaded.pkgd.min.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.123.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 30 Nov 2022 13:23:59 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Tue, 02 Jan 2018 16:53:35 GMT
etag: W/"15da-bT4RF04iZo5p3yNuXEVCFo98v+w"
via: 1.1 fly.io
fly-request-id: 01G4XKHAKMA0TM8SXBZFY8DNJK-fra
cf-cache-status: HIT
age: 15258761
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7723e69bab8c0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   13887
Md5:    b31e087639b5738e4c396fb7b5c1d132
Sha1:   ba69c8b87a0fdf536458b3758c02bcd1fe9f48b5
Sha256: f326f32fd0e7e7b5cdc6a3be65ee768c1338b5d86a8638ad2c2c10b8d1e368db
                                        
                                            GET /wp-content/themes/thirsty-child/toasty/jquery.toasty.js HTTP/1.1 
Host: ajew8ag5yp-flywheel.netdna-ssl.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         108.161.188.132
HTTP/2 502 Bad Gateway
content-type: text/html
                                        
date: Wed, 30 Nov 2022 13:24:00 GMT
content-length: 166
server: NetDNA-cache/2.2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   166
Md5:    261b1f079fa0a5c0c32d181e43440c05
Sha1:   300ee04911225728b015abd82d7ca5f43f999b79
Sha256: c79255f6cb550eaa07d6e90d859b8c1abe81658115ae8175e74b67ac22c7ed87
                                        
                                            GET /wp-content/themes/thirsty-child/toasty/toasty.css HTTP/1.1 
Host: ajew8ag5yp-flywheel.netdna-ssl.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         108.161.188.132
HTTP/2 502 Bad Gateway
content-type: text/html
                                        
date: Wed, 30 Nov 2022 13:24:00 GMT
content-length: 166
server: NetDNA-cache/2.2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   166
Md5:    261b1f079fa0a5c0c32d181e43440c05
Sha1:   300ee04911225728b015abd82d7ca5f43f999b79
Sha256: c79255f6cb550eaa07d6e90d859b8c1abe81658115ae8175e74b67ac22c7ed87
                                        
                                            GET /wp-content/uploads/2020/12/cropped-Tfavi-32x32.png HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 01 Aug 2022 02:22:50 GMT
etag: W/"62e738fa-1b0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:24:00 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.301730,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 455
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   455
Md5:    6ea53029082a6c1dc2ce97b095b8387e
Sha1:   66bf8c4f5c2642d9cf06b5b53034e42b674d95b2
Sha256: d1f6c7d39cebfebfd6fc9f202ff6818667943f534ef32dfaa624ec2feb64b741
                                        
                                            GET /wp-content/uploads/2020/12/cropped-Tfavi-192x192.png HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 01 Aug 2022 02:22:53 GMT
etag: W/"62e738fd-807"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:24:00 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814640.301275,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1984
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   1984
Md5:    6bf7bbc70397ec1b7689eab97dc5a6c0
Sha1:   1b8e070c687eeaa7c264cd00d45a2c0d555288d7
Sha256: 1da570a1b2b92638a34bf7ae4e9c829ef2bf4e846391232afb958bffe1d1d5da
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 12:41:08 GMT
expires: Wed, 30 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 2572
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/n2-j.min.js?ver=a96b01e9 HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Aug 2022 02:22:16 GMT
etag: W/"62e738d8-1aba4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:23:59 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814639.471172,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 40517
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, the_grid \012- data
Size:   17963
Md5:    8c1ff30238b4a219b2dd470a2c414296
Sha1:   c36d9884c6d83cd8df66daca2a46ee5830083976
Sha256: 1cf1af2f6a0741407a3978158d8e3502b62ac41c026187815e8677d04fa4b393

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5679
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:24:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5679
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:24:00 GMT
Connection: keep-alive

                                        
                                            GET /imagesloaded@4/imagesloaded.pkgd.min.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thirsty.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.123.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Wed, 30 Nov 2022 13:23:59 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /imagesloaded@4.1.4/imagesloaded.pkgd.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK4AT6AP3BSJ8PGRBT35EQ6S-fra
cf-cache-status: HIT
age: 541
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7723e699f9d90b49-OSL
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5679
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:24:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:55:46 GMT
age: 30494
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 56069
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 54914
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 55386
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    bbe350ea797a0fec5a19a450fc5de4b4
Sha1:   2f3a39a528d3b759060203931de33c12303592e1
Sha256: 4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 55655
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 54428
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /wp-content/uploads/2022/09/PATTYIMG00002.png HTTP/1.1 
Host: thirsty.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thirsty.agency/
Connection: keep-alive
Cookie: _ga=GA1.2.840432928.1669814639; _gid=GA1.2.187618990.1669814639; _gat_gtag_UA_76423917_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.194.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Fri, 02 Sep 2022 15:27:32 GMT
etag: W/"631220e4-53c07"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ri0siomphr
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 30 Nov 2022 13:24:01 GMT
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669814642.537194,VS0,VE9
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 340668
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 838 x 541, 8-bit/color RGBA, non-interlaced\012- data
Size:   340668
Md5:    b5deb5873e5968dbc3655d2ca16f3dd6
Sha1:   11dce4ac78e209fb09334a6e6d4a8380a0d0c64d
Sha256: d27e51c5e79d3e8855864fd7cc6718d56ed94018cc51af0f113c4443438c3efb