flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
89.117.188.25301 Moved Permanently 707 B URL HTTP/1.1 flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
IP 89.117.188.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw== HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 04 Feb 2023 06:29:33 GMT
server: LiteSpeed
location: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11834
Expires: Sat, 04 Feb 2023 09:46:47 GMT
Date: Sat, 04 Feb 2023 06:29:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4006
Expires: Sat, 04 Feb 2023 07:36:19 GMT
Date: Sat, 04 Feb 2023 06:29:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:36:14 GMT
content-type: application/json
age: 3199
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2462
Expires: Sat, 04 Feb 2023 07:10:35 GMT
Date: Sat, 04 Feb 2023 06:29:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PXMi4+yBvKCYSBaAsMrakRvkxrwJ8gxdRtJf3zx0R3r7/GW7I/e/YQcYvGqSSyGXNLDr0bJ2jYY=
x-amz-request-id: 51W20BGX53AEX19C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 05:52:43 GMT
age: 2210
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:29:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:07:19 GMT
age: 1335
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16829
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 06:29:34 GMT
Connection: keep-alive
flowerdaleschool.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
89.117.188.25200 OK 11 kB URL HTTP/2 flowerdaleschool.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 89.117.188.25:0
File type ASCII text, with very long lines (47826)
Hash ba5eac37229008eef8a48bb9c12da241
95a3100a0d65a7bd0ebeba66a7ef01146cf96a24
60a4012feb8a3fb3b7f5d411ee9241e12c9ef0e5b33f249aea1b1ad103a71c0f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 20:29:38 GMT
etag: "172a9-637bdfb2-c4940b4e9bb83c84;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11353
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-includes/css/classic-themes.min.css?ver=1
89.117.188.25200 OK 217 B URL HTTP/2 flowerdaleschool.com/wp-includes/css/classic-themes.min.css?ver=1
IP 89.117.188.25:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 20:29:38 GMT
etag: "d9-637bdfb2-7b3e3c9630444e9d;;;"
accept-ranges: bytes
content-length: 217
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
89.117.188.25200 OK 869 B URL HTTP/2 flowerdaleschool.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 89.117.188.25:0
Hash 6288d6d52253c18598b740ee1169d4f1
dc364cb90c2b1b076bea4e347554d3bd9fd8a475
8d7330cc7b18dc516b54c96d17296a3d4d475bacc165078441d7aad844b12621
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 02 Jan 2023 20:55:21 GMT
etag: "af3-63b344b9-79d9ac909cd9f176;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 869
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/fonts/0abbcee7b40c7d7bb2efebc4dcb2fc39.css
89.117.188.25200 OK 722 B URL HTTP/2 flowerdaleschool.com/wp-content/fonts/0abbcee7b40c7d7bb2efebc4dcb2fc39.css
IP 89.117.188.25:0
Hash 9ccd69116cfe7977123dc244458d11fc
0de571dc0ea85206b7b0d9ec5f0a036b8bfd0ae5
03371b727038b8af52ab835c835ff348b8aa60ec67e8ca9fc8ae49b230fc07cb
GET /wp-content/fonts/0abbcee7b40c7d7bb2efebc4dcb2fc39.css HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 20:28:13 GMT
etag: "4f1f-637bdf5d-f63d858792d98ad8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 722
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/css/bootstrap.css?ver=6.1.1
89.117.188.25200 OK 20 kB URL HTTP/2 flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/css/bootstrap.css?ver=6.1.1
IP 89.117.188.25:0
File type ASCII text, with very long lines (683), with CRLF line terminators
Hash ab747687f500dcfebdf2455803dd020b
bcf9991611fdf4ae8805d58ef09c0ed4e4b34176
cab3fb9ab5cd630cedc64b0627cfd2e8b788619e7203d6c8450227b425a5994e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/play-school-kindergarten/assets/css/bootstrap.css?ver=6.1.1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 20:27:59 GMT
etag: "31136-637bdf4f-78828b74aa0c5266;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19591
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.9.2
89.117.188.25200 OK 587 B URL HTTP/2 flowerdaleschool.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.9.2
IP 89.117.188.25:0
File type ASCII text, with very long lines (9895)
Hash d61cb6d6c0e5df9a7c96bf2186c6967c
c2c642b05f62040cc1a6cb11d9e55433d7337077
f08dd7f11b2368cd351a9bc5b9c615eebd71aef38825a305048e99425fef3c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.9.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 02 Jan 2023 20:54:52 GMT
etag: "26ce-63b3449c-fc29fe0bcfe550f2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 587
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.2
89.117.188.25200 OK 724 B URL HTTP/2 flowerdaleschool.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.2
IP 89.117.188.25:0
File type ASCII text, with very long lines (3508)
Hash 1a25f9a00de0acbe1750b464badb4a68
290223483c93391f2c3cff81a9de74b53af12d06
6c09058c3dc67c6810173c9990f1909f08328e3f3ea05347b6cb1b568d1f812c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 02 Jan 2023 20:55:11 GMT
etag: "db5-63b344af-da0077b13930e8bd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 724
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/themes/play-school-kindergarten/style.css?ver=6.1.1
89.117.188.25200 OK 12 kB URL HTTP/2 flowerdaleschool.com/wp-content/themes/play-school-kindergarten/style.css?ver=6.1.1
IP 89.117.188.25:0
File type assembler source, ASCII text, with very long lines (1440)
Hash ed024618623c1e989df05516ad9c2473
bf6b19836fae183d63334cdd536c77e3edb5814c
200040169fd6efd01899ec10f8c12996ca319aa8d2fe9d01cf61daa8da1b01dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/play-school-kindergarten/style.css?ver=6.1.1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 20:43:37 GMT
etag: "ed10-637be2f9-e83478f737b729a1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12162
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/css/fontawesome-all.css?ver=6.1.1
89.117.188.25200 OK 7.6 kB URL HTTP/2 flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/css/fontawesome-all.css?ver=6.1.1
IP 89.117.188.25:0
File type ASCII text, with very long lines (317), with CRLF line terminators
Hash 549b58d871db43edeb686fd965553d1e
b0aa40fa2b325f35fc0416dcd8d1a407711d83a8
0c3c0d4abf5d776464b6f6a38659e95a1bd14aa7712efbe192fa7e76588e9931
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/play-school-kindergarten/assets/css/fontawesome-all.css?ver=6.1.1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 20:27:59 GMT
etag: "b350-637bdf4f-eb9c0ac77009308c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7642
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
89.117.188.25404 Not Found 26 kB URL HTTP/2 flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
IP 89.117.188.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 6a8d9b665b729c816c2b82577317ace6
a2533d6ab0e4fc0741bdf2c096d4dd79bfe0f830
378ca2c4106cae2f701ec32da1bbf78edaa4eabaaaef26f7ff49c5d167bad403
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw== HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://flowerdaleschool.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 22lgX/oq4ZusUIeGPKv5qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZDTt9en8CpnSxa312B4SgmEqA0o=
flowerdaleschool.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
89.117.188.25200 OK 4.0 kB URL HTTP/2 flowerdaleschool.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 89.117.188.25:0
File type ASCII text, with very long lines (11126)
Hash 4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 21 Nov 2022 20:29:38 GMT
etag: "2bd8-637bdfb2-62a62cdbdf0c04d4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
89.117.188.25200 OK 2.9 kB URL HTTP/2 flowerdaleschool.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 89.117.188.25:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 26308da90821868735e3981674b3cb5a
a31e9fc36e3560191a08581e66f0d6ba985ddf69
980e60d92951ef0cb5acf9e92919573e20387eef2d14bbfc35e2d9f99b12ab6c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 02 Jan 2023 20:55:21 GMT
etag: "2945-63b344b9-a120d09bb5000ba5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2898
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
89.117.188.25200 OK 3.8 kB URL HTTP/2 flowerdaleschool.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 89.117.188.25:0
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash cd0eced22a64629c058f64561017e982
26e5dbbc20363b23f616b2a80a4f6b65d83d9df7
0e0e6912cb42930a5802fd0fc9b37f93d1f55bbb18b9e482e11a1808bdc0328b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 02 Jan 2023 20:55:21 GMT
etag: "316c-63b344b9-af32f9c88ff81d33;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3819
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/js/navigation.js?ver=2.1.2
89.117.188.25200 OK 1.2 kB URL HTTP/2 flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/js/navigation.js?ver=2.1.2
IP 89.117.188.25:0
File type ASCII text, with CRLF line terminators
Hash 1150899c4c269c0035a976992347a099
0a35b11ed1d5ce144a7955019bb8ec007e0180e8
7e00b8ecee12b7e9b66268f136217f1373105d29e9dee30ca689f849d987f41d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/play-school-kindergarten/assets/js/navigation.js?ver=2.1.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 21 Nov 2022 20:27:59 GMT
etag: "ee8-637bdf4f-e921f8174a28145e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1177
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/js/jquery.superfish.js?ver=6.1.1
89.117.188.25200 OK 2.2 kB URL HTTP/2 flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/js/jquery.superfish.js?ver=6.1.1
IP 89.117.188.25:0
Hash c2e9382baa2b8a767e1e90cbe6b061ab
923d614195509673d10da9b649480477689b6af2
be43ae41b0b1648cffff821a3b15823f063203f99de876c5737877b2abc97049
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/play-school-kindergarten/assets/js/jquery.superfish.js?ver=6.1.1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 21 Nov 2022 20:27:59 GMT
etag: "1cff-637bdf4f-3b28feaa9549d67;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2177
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.2
89.117.188.25200 OK 2.9 kB URL HTTP/2 flowerdaleschool.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.2
IP 89.117.188.25:0
File type ASCII text, with very long lines (8741), with no line terminators
Hash 1b7754e6b71728a8c714b74f9b80b367
1fd82826e82ad5995cb3326a456566da0a55f1cf
7eb7c9e57c6741a888e7a09c6874d83dbffacd63d9179eae95d2620d3356fe4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.2 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 02 Jan 2023 20:55:12 GMT
etag: "2225-63b344b0-c43ba27de720022d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2915
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
89.117.188.25200 OK 30 kB URL HTTP/2 flowerdaleschool.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 89.117.188.25:0
File type ASCII text, with very long lines (65447)
Hash cdbbc979b5a5de31a3ac8296e0ef489e
b83000eb74956c3404fb58c87e95aed5bab2ed19
48a6489945365cddb4c75af60f1e6a8a15d6598a1596ef18eb1b4aaad33e96f3
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 21 Nov 2022 20:29:38 GMT
etag: "15e54-637bdfb2-65461d38d1cf08f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30075
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
89.117.188.25200 OK 4.6 kB URL HTTP/2 flowerdaleschool.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 89.117.188.25:0
File type ASCII text, with very long lines (15660)
Hash 4402e98c197d70e9bc78b1da062e658a
b1d2477c6b1dfa9283d79a0a3944098dde573f68
4e646c55a8c057d08458aed4f913f5ae713e1351aadc0bcdf947bc48fb6a73ed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 21 Nov 2022 20:29:38 GMT
etag: "48b9-637bdfb2-1258d01756a4875b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4572
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/js/bootstrap.js?ver=1.0
89.117.188.25200 OK 19 kB URL HTTP/2 flowerdaleschool.com/wp-content/themes/play-school-kindergarten/assets/js/bootstrap.js?ver=1.0
IP 89.117.188.25:0
File type ASCII text, with very long lines (315), with CRLF line terminators
Hash 01051fe837ab6969d131c5c4600fc392
ac179213f58a9b1f2be7d39cb614e72853a928e8
90c7118786e31a81b1ac15661e5ff09d5238999d2966e20971e4a43d7f674b4b
GET /wp-content/themes/play-school-kindergarten/assets/js/bootstrap.js?ver=1.0 HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: application/x-javascript
last-modified: Mon, 21 Nov 2022 20:27:59 GMT
etag: "1d09e-637bdf4f-e6de7d8ee38ebab3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18735
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
flowerdaleschool.com/wp-content/uploads/2020/03/cropped-logo.png
89.117.188.25200 OK 117 kB URL HTTP/2 flowerdaleschool.com/wp-content/uploads/2020/03/cropped-logo.png
IP 89.117.188.25:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 117 kB (116619 bytes)
Hash afb106017cfac15d4e342c795da30ef1
0923f68ed329d005211b714c802ab587699f4912
4ff7a59f03034b42819ca17d7107da0c1c615beba05caf0fa7d27f10a0c4c7a6
GET /wp-content/uploads/2020/03/cropped-logo.png HTTP/1.1
Host: flowerdaleschool.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/wp-admin/Bank/Chase.com/signin/credit_verify.php?MTY2NzA1NTQ5MDE3OGQyMGY1MGRkZjYzNDYwN2EyODEwODVjZTc5ZTE2NDRlMTFhNmQwMjcyMWNjYjRhMTRkNmYxMjUwMzk0M2Y2NDFlZjQzNw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:29:34 GMT
content-type: image/png
last-modified: Mon, 21 Nov 2022 20:12:00 GMT
etag: "1c78b-637bdb90-b722f80ce7ee60e7;;;"
accept-ranges: bytes
content-length: 116619
date: Sat, 04 Feb 2023 06:29:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3442.9263198086974!2d78.0218872349644!3d30.353043829567227!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x81330cb4f41c6409!2sFlowerdale%20School!5e0!3m2!1sen!2sin!4v1583195396772!5m2!1sen!2sin
216.58.211.4200 OK 1.4 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d3442.9263198086974!2d78.0218872349644!3d30.353043829567227!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x81330cb4f41c6409!2sFlowerdale%20School!5e0!3m2!1sen!2sin!4v1583195396772!5m2!1sen!2sin
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2382)
Hash 5adfcaeb42475fa151c6edc4d91e40cc
e3105d272ea22f63677cfade0890f9800578a460
244e69f8ddb4189ac5591419a915bb0548db73e9dd75f0e116e9b80d5c6bf6b7
GET /maps/embed?pb=!1m14!1m8!1m3!1d3442.9263198086974!2d78.0218872349644!3d30.353043829567227!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x81330cb4f41c6409!2sFlowerdale%20School!5e0!3m2!1sen!2sin!4v1583195396772!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flowerdaleschool.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, must-revalidate
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-S99xREXHAqAeGm_yzOz5bw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 04 Feb 2023 06:29:35 GMT
server: scaffolding on HTTPServer2
content-length: 1369
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en®ion=in&callback=onApiLoad
142.250.74.42200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en®ion=in&callback=onApiLoad
IP 142.250.74.42:0
File type ASCII text, with very long lines (2545)
Hash 5590c45ac914e153f463cab1e8088307
6a101a93287930913de5ec4976fd8f315208bb88
8c33426908e910c2a7d53851f9a435f3ffdde702e2ddd7b948b7a74f21b40e3e
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en®ion=in&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56426
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Sat, 04 Feb 2023 06:05:33 GMT
expires: Sat, 04 Feb 2023 06:35:33 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1442
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js
142.250.74.99200 OK 227 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2599)
Size 227 kB (227161 bytes)
Hash e3fcdb3b625ae8f6058df005fbac1b91
9cd25835e9e08695c0114f57a5abf4d3437b1619
97fcf9ad8137f24c0f74e5450b2b4a01d87dfa70678130187fe13c1614ab419b
GET /maps-api-v3/embed/js/51/8/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 227161
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 19:04:02 GMT
expires: Thu, 01 Feb 2024 19:04:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 18:44:31 GMT
content-type: text/javascript
age: 213933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11095
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11095
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11095
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11045
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 06:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11095
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:29:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 30232
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 29955
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 30057
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 30550
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ThTL_OlFd4yMELCmSzH4ziqxa8gdYgAAbxLY9VZPVaIldOUkvFVF_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:43 GMT
age: 29813
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 31350
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 462456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 254257
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2