r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10245
Expires: Tue, 06 Dec 2022 09:28:36 GMT
Date: Tue, 06 Dec 2022 06:37:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5149
Cache-Control: max-age=105557
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:51 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:57:08 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11026
Expires: Tue, 06 Dec 2022 09:41:37 GMT
Date: Tue, 06 Dec 2022 06:37:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 06:18:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1155
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PtR2+jMO9AXcrqJ0QQHoW44FVnFcfN0DxRAdZFQ+oCbOYa4Q5CyyzZ4+gBEugnaH3hG7QBUWda4=
x-amz-request-id: BDCM85JVJBF3AYHR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 05:46:59 GMT
age: 3052
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.woodsbagot.com/
141.193.213.10301 Moved Permanently 162 B IP 141.193.213.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: www.woodsbagot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 06:37:51 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.woodsbagot.com/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUA455OMyNMx9%2BpxyGNiiXFeNM8Qyi1Pc%2BD43ilKHWgvw8q3H464hH%2F6Opvl3jkAY5xzUQYbLVkVzQ9OwVeN73eTcBiCSpIhWNkRqG28baDFgHtUElJVsZ0yLEhkWnDvFJlQgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775303ebaba5b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 06:37:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a2bc94368fa65554131795fadfe2f318
7620c1177f7ba527e068602710d8dcc710701ddb
82f87361b2192f25460f4d64ffdf3499ed42e91ba9aa6f63660852f11e89fb6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99321
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:51 GMT
Etag: "638dc438-117"
Expires: Wed, 07 Dec 2022 10:13:12 GMT
Last-Modified: Mon, 05 Dec 2022 10:13:12 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 06:11:20 GMT
cache-control: public,max-age=3600
age: 1592
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5138
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:52 GMT
Last-Modified: Tue, 06 Dec 2022 05:12:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.96.8101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.96.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zHgEEntD4M+dmkNnUu7QBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: akaWSct/K3Bydv/RJm69ZqlQa1o=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a2bc94368fa65554131795fadfe2f318
7620c1177f7ba527e068602710d8dcc710701ddb
82f87361b2192f25460f4d64ffdf3499ed42e91ba9aa6f63660852f11e89fb6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=99321
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:52 GMT
Etag: "638dc438-117"
Expires: Wed, 07 Dec 2022 10:13:13 GMT
Last-Modified: Mon, 05 Dec 2022 10:13:12 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3915ae99bed676bba76e42bc6c9ccf63
2d74879010a8d654ee64b500c67b579d50ad432e
a67b5a12caf98cdad4dae24ea209c7596f2c2fbce144858340a57c00a79de174
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3790
Cache-Control: max-age=125798
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:52 GMT
Etag: "638e1cd8-117"
Expires: Wed, 07 Dec 2022 17:34:30 GMT
Last-Modified: Mon, 05 Dec 2022 16:31:20 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.vimeo.com/api/player.js?ver=6.1.1
162.159.128.61200 OK 6.3 kB URL HTTP/1.1 player.vimeo.com/api/player.js?ver=6.1.1
IP 162.159.128.61:0
File type Unicode text, UTF-8 text, with very long lines (21087)
Hash be35514553399a516ec9a8a782341d76
cc471c8a2ad4a645656f72e0833a3cd1a9131b63
ab060007b859a933f8fb7bbc505c9c0a06eef5813ab909d9f09f9656c2d53505
GET /api/player.js?ver=6.1.1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 06:37:52 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 6272
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 06 Dec 2022 06:58:14 GMT
x-host: player-8c6fcccfc-8qkwg
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-0
x-backend-proxy: playproxy1
x-bapp-server: player-8c6fcccfc-8qkwg
Accept-Ranges: bytes
Age: 578
X-Served-By: cache-bma1643-BMA
X-Cache: HIT
X-Cache-Hits: 670
X-Timer: S1670308673.799807,VS0,VE0
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=u15aHJwb7pVT4pkp7AnTyUCcnc4qCYvcXVgDwYf5xcQ-1670308672-0-AeRFLOeitlFOc8tuWle3sxe39VObwGlHspGD92FkyO9hQHzFjcPhK4zo8DoXuhmZ0i2+lzbMADToQ0cPSNMPHsg=; path=/; expires=Tue, 06-Dec-22 07:07:52 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 775303f4efef1bfa-OSL
code.jquery.com/jquery-3.5.1.min.js?ver=3.5.1
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js?ver=3.5.1
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js?ver=3.5.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 06:37:52 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670308672.dop024.sk1.t,1670308672.cds248.sk1.hn,1670308672.cds208.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/pzZNM49FZ1A
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pzZNM49FZ1A
IP 142.250.74.131:0
Hash e5d9e8f08e122f9b3426bcc708728a57
f19e0c5128509524ed1ac078dc8e2bf42e719022
0aae21a33cb2f4c0e25010bc3ecdd206cbcaa9827598dac49a91adabd61a2a5e
POST /s/gts1d4/pzZNM49FZ1A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-64818128-2
172.217.21.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-64818128-2
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 85fb342c48453c68dfa2cc71c5a70a4d
37d5708b6137f04faa2f64f619842cb1157afe9f
e6497c7f5c24e19a681e78f8ca29d5c355b21205501178aa04354af8bea531fb
GET /gtag/js?id=UA-64818128-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 06:37:52 GMT
expires: Tue, 06 Dec 2022 06:37:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app-script.monsido.com/v2/monsido-script.js
34.98.105.146200 OK 2.5 kB URL HTTP/2 app-script.monsido.com/v2/monsido-script.js
IP 34.98.105.146:0
File type ASCII text, with very long lines (8090), with no line terminators
Hash a80e2547c40cdaad2be73a1abd926abf
23a2548f1f036b9c0da5e1e1be556792820a77c7
c044f95966c7bf597cb449e259c0b9dc2ae7694d6cb632539c9276cf63ec74e5
GET /v2/monsido-script.js HTTP/1.1
Host: app-script.monsido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv6ww12mV5x3QfLRV9m-jfBWuXNmlaTae7Tl0AU9zWbGdO8pXvoJNz_GbcPUJjxCntXbvJpC_GGNawRLt6L6OdtmC3Ls4Im
x-goog-generation: 1665567669349666
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2498
content-encoding: gzip
x-goog-hash: crc32c=aLsepA==, md5=qA4lR8QM2q0r5zoavZJqvw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2498
server: UploadServer
date: Tue, 06 Dec 2022 06:33:00 GMT
expires: Tue, 06 Dec 2022 06:38:00 GMT
cache-control: public, max-age=300
age: 292
last-modified: Wed, 12 Oct 2022 09:41:09 GMT
etag: "a80e2547c40cdaad2be73a1abd926abf"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/pzZNM49FZ1A
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pzZNM49FZ1A
IP 142.250.74.131:0
Hash e5d9e8f08e122f9b3426bcc708728a57
f19e0c5128509524ed1ac078dc8e2bf42e719022
0aae21a33cb2f4c0e25010bc3ecdd206cbcaa9827598dac49a91adabd61a2a5e
POST /s/gts1d4/pzZNM49FZ1A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d58aad9fee091378272e55efc283d678
43905efca654ca230b89a4a8e683620a629d43ed
e52f6ed6eecc3a2f340ef90e0c2014e9ecb086e37fc22c8312dd7a06d02cece1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3497
Cache-Control: max-age=94171
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:53 GMT
Etag: "638da273-1d7"
Expires: Wed, 07 Dec 2022 08:47:24 GMT
Last-Modified: Mon, 05 Dec 2022 07:49:07 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 471
player.vimeo.com/video/776795863?h=005571152b&dnt=1&app_id=122963&playsinline=1&controls=0&autoplay=1&loop=1&byline=0&title=0&muted=1&api=1
162.159.128.61200 OK 5.9 kB URL HTTP/1.1 player.vimeo.com/video/776795863?h=005571152b&dnt=1&app_id=122963&playsinline=1&controls=0&autoplay=1&loop=1&byline=0&title=0&muted=1&api=1
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18846), with no line terminators
Hash ad131a810102b354ee4ffa2eb9328a90
68b35a54bc160352b7f7728127eea6115648c382
0887cd846618b20d82009b9d8c3eef3b1147aa5fe85f339314fa9d7abf9e5d26
GET /video/776795863?h=005571152b&dnt=1&app_id=122963&playsinline=1&controls=0&autoplay=1&loop=1&byline=0&title=0&muted=1&api=1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 06:37:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 06 Dec 2022 06:47:28 GMT
x-host: player-8c6fcccfc-gplm9
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-6
x-backend-proxy: playproxy7
x-bapp-server: player-8c6fcccfc-gplm9
Age: 0
X-Served-By: cache-bma1643-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670308673.023745,VS0,VE129
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=pOGPuJ5ddekR7McYP3R5CcBRjggQNrBlr2HtMSWs1yA-1670308673-0-ASU087yWE3WuHOrbJOM/Gv9gIzu2vF0sMBbWYdrLBvnEif54+e0Foz1J6njnf2pAGwhpJPGNojVi5k0yGH+jJ90=; path=/; expires=Tue, 06-Dec-22 07:07:53 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 775303f658a81bfa-OSL
Content-Encoding: gzip
player.vimeo.com/video/507339496?h=94a7a1af4d&dnt=1&app_id=122963&playsinline=1&controls=0&autoplay=1&loop=1&byline=0&title=0&muted=1&api=1
162.159.128.61200 OK 6.3 kB URL HTTP/1.1 player.vimeo.com/video/507339496?h=94a7a1af4d&dnt=1&app_id=122963&playsinline=1&controls=0&autoplay=1&loop=1&byline=0&title=0&muted=1&api=1
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20808), with no line terminators
Hash 20a42d9e11158b9a5a1505240464879b
025a01383c39fd11bed5493a537036d7fc95bd2b
20a17a231486c512299b6ff5caffe7614c1c250786d0ac2fb9200f3903197b59
GET /video/507339496?h=94a7a1af4d&dnt=1&app_id=122963&playsinline=1&controls=0&autoplay=1&loop=1&byline=0&title=0&muted=1&api=1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 06:37:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 06 Dec 2022 06:47:53 GMT
x-host: player-8c6fcccfc-x6vg2
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-3
x-backend-proxy: playproxy4
x-bapp-server: player-8c6fcccfc-x6vg2
Age: 0
X-Served-By: cache-bma1626-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670308673.040428,VS0,VE250
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=HDpVSUnaNofT3zTtBuxvTpD4w5WTnq1KgUxj441tKjo-1670308673-0-AVDPGL0BqO7r2hZ7CuVupHA7fM8Bj0HjypttRibhvVa6IH8fg2rQAmKKZ9bPi5dr9lZQXOKn0a0bO1AD21wgbX8=; path=/; expires=Tue, 06-Dec-22 07:07:53 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 775303f669aab51d-OSL
Content-Encoding: gzip
f.vimeocdn.com/p/4.15.0/css/player.css
151.101.246.109200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.15.0/css/player.css
IP 151.101.246.109:0
File type ASCII text, with very long lines (65495)
Hash a3356aaf136d7161fd55f10f76552bd2
67d2d6a4c6ac5891fc613b2840c9b582fe8ca178
7b3fb287e463827aa07d1d10b45f48581caace0b0261cbbbf84ca7823fd7ec96
GET /p/4.15.0/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Dec 2022 06:37:53 GMT
age: 312346
x-served-by: cache-iad-kcgs7200087-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 33, 163490
x-timer: S1670308673.298574,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20766
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.0/js/player.module.js
151.101.246.109200 OK 117 kB URL HTTP/2 f.vimeocdn.com/p/4.15.0/js/player.module.js
IP 151.101.246.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 117 kB (116677 bytes)
Hash 97e15950b5afa29600bd6ae9b2dab4ce
be1299de0da9ac8897f245bf84e35fd35cc34989
f956a3aa6edcf78176620eca3cedd8cb697d696ea170f5c840a48b1c5c5ed4e6
GET /p/4.15.0/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Dec 2022 06:37:53 GMT
age: 312346
x-served-by: cache-iad-kiad7000044-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 25, 121648
x-timer: S1670308673.375393,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116677
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
172.67.39.148200 OK 1.9 kB URL HTTP/2 static.addtoany.com/menu/page.js
IP 172.67.39.148:0
File type ASCII text, with very long lines (3076), with no line terminators
Hash f949bd6bf0a2758e0f9a97e42f919c9a
cfa9d82d49ce7282d833c82cf7446350b34e7251
5d6e45d813401f520311f471ee22e82ba86750c810600f63a03c08320046f809
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 06:37:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 167300
etag: W/"c04-5ee0ab04c6251"
last-modified: Tue, 22 Nov 2022 08:09:18 GMT
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775303f4dead0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.0/js/vendor.module.js
151.101.246.109200 OK 116 kB URL HTTP/2 f.vimeocdn.com/p/4.15.0/js/vendor.module.js
IP 151.101.246.109:0
File type ASCII text, with very long lines (318), with no line terminators
Size 116 kB (116117 bytes)
Hash ede816e824df1e700539dc7cf07b1916
67aeb726f806ca67b7318cdc759ea891d6cecf0e
66215ca7df9d1f8ce40338dbcd774106579b7d2325dbc3793e915e91d76c0a8d
GET /p/4.15.0/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Dec 2022 06:37:53 GMT
age: 312347
x-served-by: cache-iad-kjyo7100126-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 34, 158002
x-timer: S1670308674.535028,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 115907
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11762
Expires: Tue, 06 Dec 2022 09:53:55 GMT
Date: Tue, 06 Dec 2022 06:37:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11762
Expires: Tue, 06 Dec 2022 09:53:55 GMT
Date: Tue, 06 Dec 2022 06:37:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11762
Expires: Tue, 06 Dec 2022 09:53:55 GMT
Date: Tue, 06 Dec 2022 06:37:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 26ac5a48-3e41-4638-88d6-c94ba8b7a6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS3nFxPoAMFcpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64fd-28f8cb92130706e3652eb971;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUk1Nt1XioDColWXDiEZsL8BmFpyWaV5tRbsbmAiR6A2psM_Gx3j_A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 32164
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: c1a43d09-3653-422d-99a2-fe6469bc4bcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzsG7BoAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e4-27f51f1e5f786838157d1ee5;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VkYlpfFF-t9c_vWc14oqmL9Z6o6lA1_TqgXk4VUtZmHTkZwuMT5C6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 31847
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:49 GMT
age: 31744
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 30505
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 31847
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 31762
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-SR0MQ1KGBX>m=2oebu0&_p=945711050&cid=409309821.1670308670&ul=en-us&sr=1280x1024&_s=1&sid=1670308670&sct=1&seg=0&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&dt=Woods%20Bagot&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-SR0MQ1KGBX>m=2oebu0&_p=945711050&cid=409309821.1670308670&ul=en-us&sr=1280x1024&_s=1&sid=1670308670&sct=1&seg=0&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&dt=Woods%20Bagot&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SR0MQ1KGBX>m=2oebu0&_p=945711050&cid=409309821.1670308670&ul=en-us&sr=1280x1024&_s=1&sid=1670308670&sct=1&seg=0&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&dt=Woods%20Bagot&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Origin: https://www.woodsbagot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.woodsbagot.com
date: Tue, 06 Dec 2022 06:37:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1050051725-feac81f4a4209531e4afd496aa46cc56a09040c1a8c13c5473dd45c8a167305a-d?mw=1600&mh=900
151.101.246.109200 OK 138 kB URL HTTP/2 i.vimeocdn.com/video/1050051725-feac81f4a4209531e4afd496aa46cc56a09040c1a8c13c5473dd45c8a167305a-d?mw=1600&mh=900
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Size 138 kB (137605 bytes)
Hash 0227c18f00b134e4a92fecfd4223690e
adb06d73e08f308051eb54acc0e519be32155021
4e57888ef073cf2f353cd607c60161f7aa3d0941a75ba1185cb35571a28b3724
GET /video/1050051725-feac81f4a4209531e4afd496aa46cc56a09040c1a8c13c5473dd45c8a167305a-d?mw=1600&mh=900 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 0227c18f00b134e4a92fecfd4223690e
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-8qcg
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 06 Dec 2022 06:37:53 GMT
age: 2157663
x-served-by: cache-dfw-kdfw8210076-DFW, cache-hel1410031-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 30, 1
x-timer: S1670308674.828130,VS0,VE2
vary: Accept
content-length: 137605
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1558694871-d9cf28312164cacbd16aeb34b2d22801b6423b5a8769a42c808fd210279ff17a-d?mw=1600&mh=900
151.101.246.109200 OK 65 kB URL HTTP/2 i.vimeocdn.com/video/1558694871-d9cf28312164cacbd16aeb34b2d22801b6423b5a8769a42c808fd210279ff17a-d?mw=1600&mh=900
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Hash b19c9aca717e665f015fe07dfc9044a2
9770674373bcbfeae370aa9c9ee40000b3fca540
b6d7d8af1799505368babb3253999a469430892cbcf600c3018843b293887e01
GET /video/1558694871-d9cf28312164cacbd16aeb34b2d22801b6423b5a8769a42c808fd210279ff17a-d?mw=1600&mh=900 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: b19c9aca717e665f015fe07dfc9044a2
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-z359
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 06 Dec 2022 06:37:53 GMT
age: 457141
x-served-by: cache-dfw-kdfw8210099-DFW, cache-hel1410031-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 52, 0
x-timer: S1670308674.694286,VS0,VE139
vary: Accept
content-length: 64586
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.0/js/sentry.module.js
151.101.246.109200 OK 16 kB URL HTTP/2 f.vimeocdn.com/p/4.15.0/js/sentry.module.js
IP 151.101.246.109:0
File type ASCII text, with very long lines (59742)
Hash 3d692fd9de246b46d79f35db17bd92d1
6959e282759fa1fee7603a10617a2ff85ac9e110
613858d2663a2b9b0dec7a14e833cc69443d05eaf92e66855a5073b9c4f7ca01
GET /p/4.15.0/js/sentry.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Dec 2022 06:37:53 GMT
age: 312345
x-served-by: cache-iad-kjyo7100101-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 29, 17885
x-timer: S1670308674.877473,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 16249
X-Firefox-Spdy: h2
woodsbagotcom.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.woodsbagot.com%2F&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
44.198.48.12200 OK 1.0 kB URL HTTP/2 woodsbagotcom.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.woodsbagot.com%2F&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP 44.198.48.12:0
File type ASCII text, with very long lines (1046), with no line terminators
Hash 80253fee2549b86d9ab306623c603895
e7002bb16b0808e1d939444d4779629ddb4440a6
fbfeaf6d1934e9c0ddf080795cd191f6f7f39547d0da172180963af1e461167a
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.woodsbagot.com%2F&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: woodsbagotcom.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 06:37:53 GMT
content-type: text/javascript;charset=UTF-8
content-length: 1046
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
X-Firefox-Spdy: h2
148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/sep/video/8aa92762,3d53b536,faa808b9,da5a0f14,6117ec8b,2e46afc2,83d39c8e/audio/1ec7f220,d102a3e3,29e2841c/master.json?query_string_ranges=1&base64_init=1
23.36.76.144200 OK 5.3 kB URL HTTP/1.1 148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/sep/video/8aa92762,3d53b536,faa808b9,da5a0f14,6117ec8b,2e46afc2,83d39c8e/audio/1ec7f220,d102a3e3,29e2841c/master.json?query_string_ranges=1&base64_init=1
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (30060)
Hash 06e1513aea1238855829445ce6af1921
2d638c2f9efdcdf8858ffb3228d9a3ee83400f29
3b35561b638cdb290a391b99e382de64515879acd18e64e2627d47cf1a5f9cb2
GET /exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/sep/video/8aa92762,3d53b536,faa808b9,da5a0f14,6117ec8b,2e46afc2,83d39c8e/audio/1ec7f220,d102a3e3,29e2841c/master.json?query_string_ranges=1&base64_init=1 HTTP/1.1
Host: 148vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: application/json
ETag: W/"523048e7f5ca9550505f2d8ea6d587e7"
origin-retrieved-hour: 1670108400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Length: 5318
Aka-c-hit: cache-hit
Cache-Control: max-age=31336378
Date: Tue, 06 Dec 2022 06:37:54 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.8c4c2417.1670308674.9b30a8c
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.144
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/c38a6824,37f91920,60eebd62,d2ce9a52,ac4bb5f9,14917f5d,708f4517/master.json?base64_init=1
23.36.76.98200 OK 2.1 kB URL HTTP/1.1 56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/c38a6824,37f91920,60eebd62,d2ce9a52,ac4bb5f9,14917f5d,708f4517/master.json?base64_init=1
IP 23.36.76.98:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (11813)
Hash 963fbc17da6cc7a625792fb230580588
0d5e41e82e8766c0a4dfd8413e34840913e57a6f
be77691d9445a9f4bd129a2e0844738f3a1eb9a15aeab5a3685c488d59bb7812
GET /exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/c38a6824,37f91920,60eebd62,d2ce9a52,ac4bb5f9,14917f5d,708f4517/master.json?base64_init=1 HTTP/1.1
Host: 56vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
origin-retrieved-hour: 1658912400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Encoding: gzip
Content-Length: 2098
Aka-c-hit: cache-hit
Cache-Control: max-age=28732842
Date: Tue, 06 Dec 2022 06:37:54 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.5e4c2417.1670308674.475cc28
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.98
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2020/09/24103539/qrcode_for_gh_70e0e921396d_860.jpg
3.5.164.11200 OK 49 kB URL HTTP/1.1 wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2020/09/24103539/qrcode_for_gh_70e0e921396d_860.jpg
IP 3.5.164.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 860x860, components 3\012- data
Hash 76d981958723ef1f17b31ce68e639e74
87c702d67768560d81c8293204737fadb4faafb3
ca8f0c9e11caaf710f89867df3538b9a566682ea60e6789030f88ad368a4b06a
GET /wp-content/uploads/2020/09/24103539/qrcode_for_gh_70e0e921396d_860.jpg HTTP/1.1
Host: wpassets.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0cKz9SsXNaP/b48nukeH95GMcjydlTBtNXlx9xlOOZqwPNXvnXLOJyOO2dAIdLO8Bd2z/DRUElIbyVZTjqRSSA==
x-amz-request-id: VYGFPTMD4FMZ03CW
Date: Tue, 06 Dec 2022 06:37:54 GMT
Last-Modified: Thu, 24 Nov 2022 10:35:41 GMT
ETag: "76d981958723ef1f17b31ce68e639e74"
Cache-Control: max-age=31536000
x-amz-version-id: Bbz0b3KXdN9iL6dijXqnEzpj6ECtpD7V
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 49224
56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/c38a6824/chop/segment-1.m4s?r=dXM%3D
23.36.76.98200 OK 228 kB URL HTTP/1.1 56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/c38a6824/chop/segment-1.m4s?r=dXM%3D
IP 23.36.76.98:0
ASN #20940 Akamai International B.V.
Size 228 kB (228360 bytes)
Hash 878b9da50d95b2fb45fe0921071e1e8a
58ecbdd0bdd60e80ca15f96b5a95e4928c0dd5f3
e953ce86049bedd742f681ed88100bb17e334e157a7abfcf322d79fcd43685e8
GET /exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/c38a6824/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 56vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 228360
using-starlord: true
origin-retrieved-hour: 1656608400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=29144861
Date: Tue, 06 Dec 2022 06:37:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.5e4c2417.1670308674.475cc29
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.98
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/audio/29e2841c.mp4?r=dXM%3D&range=922-144051
23.36.76.144200 OK 143 kB URL HTTP/1.1 148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/audio/29e2841c.mp4?r=dXM%3D&range=922-144051
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
Size 143 kB (143130 bytes)
Hash c2b7d9487c9a8938b351a52f3a95d08f
b6a1f8a1e4110a93862d1b1aa5178cedaf4507e8
ce48a0473a2c57a4398020e537c0d9f2ed5f23d9dc992750a385159641409c6c
GET /exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/audio/29e2841c.mp4?r=dXM%3D&range=922-144051 HTTP/1.1
Host: 148vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 143130
ETag: "-CP2E2d+D1/sCEAE="
Last-Modified: Wed, 30 Nov 2022 23:12:10 GMT
Server: parcel
origin-retrieved-hour: 1669849200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31078819
Date: Tue, 06 Dec 2022 06:37:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.8c4c2417.1670308674.9b30a99
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.144
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.144~requestid:9b30a99~time:1670308674~ghostforwardip:23.62.3.65~edgecache:cache-miss~rtt:1~region:NO-; path=/; domain=.akamaized.net;
woodsbagotcom.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.woodsbagot.com%2F&siteurl=www.woodsbagot.com&lang=en&country=®ion=&sitelist=www.woodsbagot.com,woodsbagot.com,woodsbagotdev.wpengine.com,new.woodsbagot.com;www.woodsbagot.com.cn,zswoodsbagot.convertlanguage.com¤cy=&nonMP=false&mode=&uuid=920b4b41e228408ea62afe9931b3f2e8
44.198.48.12200 OK 8.8 MB URL HTTP/2 woodsbagotcom.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.woodsbagot.com%2F&siteurl=www.woodsbagot.com&lang=en&country=®ion=&sitelist=www.woodsbagot.com,woodsbagot.com,woodsbagotdev.wpengine.com,new.woodsbagot.com;www.woodsbagot.com.cn,zswoodsbagot.convertlanguage.com¤cy=&nonMP=false&mode=&uuid=920b4b41e228408ea62afe9931b3f2e8
IP 44.198.48.12:0
Size 8.8 MB (8766403 bytes)
Hash c9b5d87366f4d1872134e069c84fa2e7
ed39a9caddc5d5708a67fba02df65087a880e753
b6c631a6a7640802398ddf70df7736a1ce9e1208898a07c43463a33990501503
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.woodsbagot.com%2F&siteurl=www.woodsbagot.com&lang=en&country=®ion=&sitelist=www.woodsbagot.com,woodsbagot.com,woodsbagotdev.wpengine.com,new.woodsbagot.com;www.woodsbagot.com.cn,zswoodsbagot.convertlanguage.com¤cy=&nonMP=false&mode=&uuid=920b4b41e228408ea62afe9931b3f2e8 HTTP/1.1
Host: woodsbagotcom.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 06:37:54 GMT
content-type: text/html
accept-ranges: bytes
etag: W/"2759-1594310432000"
last-modified: Thu, 09 Jul 2020 16:00:32 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/video/8aa92762.mp4?r=dXMtZWFzdDE%3D&range=1046-129802
23.36.76.144200 OK 129 kB URL HTTP/1.1 148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/video/8aa92762.mp4?r=dXMtZWFzdDE%3D&range=1046-129802
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
Size 129 kB (128757 bytes)
Hash 4fa10a26e80552bb3a29d1e76c683529
ce8a3c5a603db879626904b50da0b505f2807abc
b143a8b7debc2dcf4787d42981501750f959ec8d7c258b6308ee7d5f65599371
GET /exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/video/8aa92762.mp4?r=dXMtZWFzdDE%3D&range=1046-129802 HTTP/1.1
Host: 148vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 128757
ETag: "-CO+cpYiE1/sCEAE="
Last-Modified: Wed, 30 Nov 2022 23:13:36 GMT
Server: parcel
origin-retrieved-hour: 1669849200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31077919
Date: Tue, 06 Dec 2022 06:37:54 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.8c4c2417.1670308674.9b30aa3
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.144
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.144~requestid:9b30aa3~time:1670308674~ghostforwardip:23.62.3.65~edgecache:cache-miss~rtt:1~region:NO-; path=/; domain=.akamaized.net;
wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2018/07/24063719/3_30_1190_80_Collins_N252_screen4k-1536x1152.jpg
3.5.164.11200 OK 442 kB URL HTTP/1.1 wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2018/07/24063719/3_30_1190_80_Collins_N252_screen4k-1536x1152.jpg
IP 3.5.164.11:0
Size 442 kB (442024 bytes)
Hash 86f2e9d872b4c034741b09f739376179
0c2ce5de0a48d5d043edeb47902feb245c24c93f
49b96cf8cf6a8512836306b9dcb77b3d89706d0b3f701e318fc423c7bdc7dc3c
GET /wp-content/uploads/2018/07/24063719/3_30_1190_80_Collins_N252_screen4k-1536x1152.jpg HTTP/1.1
Host: wpassets.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: rUfZsB/tMCynsVch5LlRCkRDKNFVHjUa1yXp8U3xffJPJ5a6zC+PHD1GBSf+0gpeUqdntrgcNd8LaIG1sA2P4A==
x-amz-request-id: E3EPCQ8J3K6KKK8V
Date: Tue, 06 Dec 2022 06:37:55 GMT
Last-Modified: Thu, 24 Nov 2022 06:37:25 GMT
ETag: "c50a84061b2881b0412fdd7f87517d98"
Cache-Control: max-age=31536000
x-amz-version-id: tfJPKIeY8MlJVZIz5fTWzPpZBsFv_C2l
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 409335
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cca46e20609909b7f92d2b2bc6c2fe65
f9c512b98108746f30ad7ff618bd2b93c863dac7
b60746036654c0602c3c727fe63ea25a7c35e3feda06cbb32d396edd48d1bd08
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4663
Cache-Control: max-age=154363
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:55 GMT
Etag: "638e8907-1d7"
Expires: Thu, 08 Dec 2022 01:30:38 GMT
Last-Modified: Tue, 06 Dec 2022 00:12:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/14917f5d/chop/segment-2.m4s?r=dXM%3D
23.36.76.98200 OK 8.5 MB URL HTTP/1.1 56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/14917f5d/chop/segment-2.m4s?r=dXM%3D
IP 23.36.76.98:0
ASN #20940 Akamai International B.V.
Size 8.5 MB (8528032 bytes)
Hash 5a1a0332e79c68d56a96e3eae3954c9c
352f54c6e8264c8c1e22d32cccc7d6d15acc7067
b12edec896b2a6774dd464749997546283bbd8617a8650d8ea88b6c1a598f37b
GET /exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/14917f5d/chop/segment-2.m4s?r=dXM%3D HTTP/1.1
Host: 56vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 8528032
using-starlord: true
origin-retrieved-hour: 1656597600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30422742
Date: Tue, 06 Dec 2022 06:37:55 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.5e4c2417.1670308675.475cc33
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.98
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2022/11/01065529/ezgif.com-gif-maker-4-1.gif
3.5.164.11200 OK 123 kB URL HTTP/1.1 wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2022/11/01065529/ezgif.com-gif-maker-4-1.gif
IP 3.5.164.11:0
Size 123 kB (123192 bytes)
Hash 1c5b85144d171f5a9e9ff088641da7be
0c9427a731cee48926d1206c5401956f5a473f72
0305ddebc2a09fac1d66b1150bed9674e7b604451001f2db2c43be0b1f402dd8
GET /wp-content/uploads/2022/11/01065529/ezgif.com-gif-maker-4-1.gif HTTP/1.1
Host: wpassets.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zePe6MaP1hTiFZaYkZ7Npf/gDxCiO3lrba9m6Tj8ZxTsCStY7q4UvHzqVUmcxmLG2rUwHDL/IhMyV+eLKjGWhA==
x-amz-request-id: E3EZBW5Y87HB0KKE
Date: Tue, 06 Dec 2022 06:37:55 GMT
Last-Modified: Thu, 01 Dec 2022 06:55:32 GMT
ETag: "1c7159a9cad060fbcb7a83884720f1a4"
Cache-Control: max-age=31536000
x-amz-version-id: uMuEaMy_fermcIm0HYb6VOLeWDNLYfTa
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 122511
148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/video/83d39c8e.mp4?r=dXMtZWFzdDE%3D&range=1043-867639
23.36.76.144200 OK 867 kB URL HTTP/1.1 148vod-adaptive.akamaized.net/exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/video/83d39c8e.mp4?r=dXMtZWFzdDE%3D&range=1043-867639
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
Size 867 kB (866597 bytes)
Hash da2aaafb655ad14dc60746d8bc5e85c5
535358e107f702d7f4ea497015e3978b22dd9949
5bf1c9aff3e5c3a0ac968f997466d5a991830053824a3e10a03afb6ac171c1c4
GET /exp=1670312573~acl=%2F3e99c177-18b0-4252-8eb2-cab6f40e2af3%2F%2A~hmac=a39ba58cbdbf5ec3de3cd3ca3fa61d6b9684571c4cc83bbe12e5ebaa5e12a31f/3e99c177-18b0-4252-8eb2-cab6f40e2af3/parcel/video/83d39c8e.mp4?r=dXMtZWFzdDE%3D&range=1043-867639 HTTP/1.1
Host: 148vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 866597
ETag: "-CKDd5oyE1/sCEAE="
Last-Modified: Wed, 30 Nov 2022 23:13:45 GMT
Server: parcel
origin-retrieved-hour: 1669849200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31079390
Date: Tue, 06 Dec 2022 06:37:55 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.8c4c2417.1670308675.9b30ab0
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.144
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.144~requestid:9b30ab0~time:1670308675~ghostforwardip:23.62.3.65~edgecache:cache-miss~rtt:1~region:NO-; path=/; domain=.akamaized.net;
wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2020/08/24111900/COLLINS-BACKGROUND-1536x858.jpg
3.5.164.11200 OK 284 kB URL HTTP/1.1 wpassets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2020/08/24111900/COLLINS-BACKGROUND-1536x858.jpg
IP 3.5.164.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2116, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3790], baseline, precision 8, 1536x858, components 3\012- data
Size 284 kB (284527 bytes)
Hash 0be2be2d372aa4ec372b3c039304392e
cabeef8ec605b5e4e7b68c5b3d11896a18c7e734
a171b9856832f107e38e02190d27af224be23e8230e6a705a9d86d9c075896ce
GET /wp-content/uploads/2020/08/24111900/COLLINS-BACKGROUND-1536x858.jpg HTTP/1.1
Host: wpassets.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0sUVJNYnhEXQmTojmL8TNSZRSHCVv5+KHFtnr7SpAjNXnslf1SPkn5O2TNxkHQ46mnL7D9yiHYNhCOZxNAfBHQ==
x-amz-request-id: E3EX62Y662XPMST6
Date: Tue, 06 Dec 2022 06:37:55 GMT
Last-Modified: Thu, 24 Nov 2022 11:19:11 GMT
ETag: "0be2be2d372aa4ec372b3c039304392e"
Cache-Control: max-age=31536000
x-amz-version-id: 16JC0rwMXEYXMv8TO3nqALRA_b08O8.t
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 284527
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4626
Cache-Control: max-age=118687
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:56 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:36:03 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 04:41:08 GMT
expires: Tue, 06 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 7008
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/14917f5d/chop/segment-3.m4s?r=dXM%3D
23.36.76.98200 OK 8.2 MB URL HTTP/1.1 56vod-adaptive.akamaized.net/exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/14917f5d/chop/segment-3.m4s?r=dXM%3D
IP 23.36.76.98:0
ASN #20940 Akamai International B.V.
Size 8.2 MB (8197361 bytes)
Hash 866d7cd056ff60fa427d897f8ed4a7a7
48284716ef1d35a7beee7a6f25a1d2e3aefb479d
d1df95609bdd2211fbcaab90825eb0d8fb6def3f10acde2f4c239321bdd00d1d
GET /exp=1670312573~acl=%2F2aea39d5-6229-40c0-95a0-478f43b925f7%2F%2A~hmac=711bfd74d267e80eb48304c810e325d20ba76f227a4a8290000c80c9b388562c/2aea39d5-6229-40c0-95a0-478f43b925f7/sep/video/14917f5d/chop/segment-3.m4s?r=dXM%3D HTTP/1.1
Host: 56vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 8197361
using-starlord: true
origin-retrieved-hour: 1656597600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=29696597
Date: Tue, 06 Dec 2022 06:37:56 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.5e4c2417.1670308676.475cc6b
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.98
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
analytics.convertlanguage.com/el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.woodsbagot.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=920b4b41e228408ea62afe9931b3f2e8&ua=na&et=1&f_lang=&f_country=&f_curr=&hist=&tpl=e_T1L1_v3.4.1.0.2&url=https%3A%2F%2Fwww.woodsbagot.com%2F&
3.131.8.238200 OK 35 B URL HTTP/2 analytics.convertlanguage.com/el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.woodsbagot.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=920b4b41e228408ea62afe9931b3f2e8&ua=na&et=1&f_lang=&f_country=&f_curr=&hist=&tpl=e_T1L1_v3.4.1.0.2&url=https%3A%2F%2Fwww.woodsbagot.com%2F&
IP 3.131.8.238:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.woodsbagot.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=920b4b41e228408ea62afe9931b3f2e8&ua=na&et=1&f_lang=&f_country=&f_curr=&hist=&tpl=e_T1L1_v3.4.1.0.2&url=https%3A%2F%2Fwww.woodsbagot.com%2F& HTTP/1.1
Host: analytics.convertlanguage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 06:37:56 GMT
content-type: image/gif
content-length: 35
server: Apache
last-modified: Tue, 14 May 2019 17:36:29 GMT
etag: "23-588dc79153f13"
accept-ranges: bytes
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: AY/sTYIv4H69CFlhxCGFrufKxAJKdacpY2rkkeREznlfFwevR5Wfpyj0noQfY+t4AYIdow6WBgakS/YL4Ef9lA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 06:37:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=945711050&t=pageview&_s=1&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&ul=en-us&de=UTF-8&dt=Woods%20Bagot&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=54285262&gjid=23424901&cid=409309821.1670308670&tid=UA-64818128-2&_gid=1798877472.1670308673&_r=1>m=2oubu0&z=1495974900
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=945711050&t=pageview&_s=1&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&ul=en-us&de=UTF-8&dt=Woods%20Bagot&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=54285262&gjid=23424901&cid=409309821.1670308670&tid=UA-64818128-2&_gid=1798877472.1670308673&_r=1>m=2oubu0&z=1495974900
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=945711050&t=pageview&_s=1&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&ul=en-us&de=UTF-8&dt=Woods%20Bagot&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=54285262&gjid=23424901&cid=409309821.1670308670&tid=UA-64818128-2&_gid=1798877472.1670308673&_r=1>m=2oubu0&z=1495974900 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.woodsbagot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.woodsbagot.com
date: Tue, 06 Dec 2022 06:37:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&gjid=23424901&_gid=1798877472.1670308673&_u=YADAAUAAAAAAACAAI~&z=658666471
108.177.14.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&gjid=23424901&_gid=1798877472.1670308673&_u=YADAAUAAAAAAACAAI~&z=658666471
IP 108.177.14.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&gjid=23424901&_gid=1798877472.1670308673&_u=YADAAUAAAAAAACAAI~&z=658666471 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.woodsbagot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.woodsbagot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 06:37:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&_u=YADAAUAAAAAAACAAI~&z=1674614077
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&_u=YADAAUAAAAAAACAAI~&z=1674614077
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&_u=YADAAUAAAAAAACAAI~&z=1674614077 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 06:37:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&_u=YADAAUAAAAAAACAAI~&z=1674614077
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&_u=YADAAUAAAAAAACAAI~&z=1674614077
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-64818128-2&cid=409309821.1670308670&jid=54285262&_u=YADAAUAAAAAAACAAI~&z=1674614077 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 06:37:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=445842016725096&ev=PageView&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&rl=&if=false&ts=1670308674133&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670308674132.73897203&it=1670308673920&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=445842016725096&ev=PageView&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&rl=&if=false&ts=1670308674133&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670308674132.73897203&it=1670308673920&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=445842016725096&ev=PageView&dl=https%3A%2F%2Fwww.woodsbagot.com%2F&rl=&if=false&ts=1670308674133&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670308674132.73897203&it=1670308673920&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 06:37:57 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/lQKFsJu7pj0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lQKFsJu7pj0
IP 142.250.74.131:0
Hash 717ade608ed32eccdb61da458520ad06
31186c41ba6d0825e0988944fa8c948c88c6eaa3
33565716d5c8c5d9d7d703d57cd8e067b08b2dd33bcc8685a180a67dd4924592
POST /s/gts1d4/lQKFsJu7pj0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/ei-WjvkJ4Js
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ei-WjvkJ4Js
IP 142.250.74.131:0
Hash 2ae4cbbb9934c6dd1710457797a4d0be
aa4aa36183e33a4a4ce14b84b4a6308c077c7beb
99b9ba2ded49155aa5d8df22b7eeb5d518dc61249150128073f672a46ce4ee73
POST /s/gts1d4/ei-WjvkJ4Js HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heatmaps.monsido.com/v1/heatmaps.js
34.98.91.45200 OK 89 kB URL HTTP/2 heatmaps.monsido.com/v1/heatmaps.js
IP 34.98.91.45:0
File type ASCII text, with very long lines (64471)
Hash 684c59b5830c72de15a426101c790d79
c6ce77a15ea8c68718f666f937b6783504b6e412
00fb0488b990353fe47ddd92d60658cf47d6974a0a7dedd8593c4d9238ce9a9c
GET /v1/heatmaps.js HTTP/1.1
Host: heatmaps.monsido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsqJCDkqX5KfJLAevFDIj9ArPP7Y1q9kjRIuiqJDByKZqDP5DBlx9y9nFbm8LCReMBUtoUehFpgHccf8upNbPRNMw
x-goog-generation: 1634205562543833
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2790
content-encoding: gzip
x-goog-hash: crc32c=68LgNw==, md5=LPf+RvRRsuuw/+oZwq6K1g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2790
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Tue, 06 Dec 2022 06:33:58 GMT
expires: Tue, 06 Dec 2022 06:38:58 GMT
cache-control: public, max-age=300
age: 239
last-modified: Thu, 14 Oct 2021 09:59:22 GMT
etag: "2cf7fe46f451b2ebb0ffea19c2ae8ad6"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tracking.monsido.com/?a=OA6DlJ56Q760VHaFLnIkJA&b=https%3A%2F%2Fwww.woodsbagot.com%2F&c=6E11670308674334&d=1280x1024&f=A751670308674335&h=2
35.190.93.146200 OK 43 B URL HTTP/2 tracking.monsido.com/?a=OA6DlJ56Q760VHaFLnIkJA&b=https%3A%2F%2Fwww.woodsbagot.com%2F&c=6E11670308674334&d=1280x1024&f=A751670308674335&h=2
IP 35.190.93.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /?a=OA6DlJ56Q760VHaFLnIkJA&b=https%3A%2F%2Fwww.woodsbagot.com%2F&c=6E11670308674334&d=1280x1024&f=A751670308674335&h=2 HTTP/1.1
Host: tracking.monsido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private, no-store, max-age=0
content-type: image/gif
expires: 2022-12-06T06:37:57Z
date: Tue, 06 Dec 2022 06:37:57 GMT
content-length: 43
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/lQKFsJu7pj0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lQKFsJu7pj0
IP 142.250.74.131:0
Hash 717ade608ed32eccdb61da458520ad06
31186c41ba6d0825e0988944fa8c948c88c6eaa3
33565716d5c8c5d9d7d703d57cd8e067b08b2dd33bcc8685a180a67dd4924592
POST /s/gts1d4/lQKFsJu7pj0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/ei-WjvkJ4Js
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ei-WjvkJ4Js
IP 142.250.74.131:0
Hash 2ae4cbbb9934c6dd1710457797a4d0be
aa4aa36183e33a4a4ce14b84b4a6308c077c7beb
99b9ba2ded49155aa5d8df22b7eeb5d518dc61249150128073f672a46ce4ee73
POST /s/gts1d4/ei-WjvkJ4Js HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 06:37:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heatmaps.monsido.com/v1/settings/OA6DlJ56Q760VHaFLnIkJA.json
34.98.91.45200 OK 142 B URL HTTP/2 heatmaps.monsido.com/v1/settings/OA6DlJ56Q760VHaFLnIkJA.json
IP 34.98.91.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 35ef6b1ed292542e7ece08e3c2064383
b79aeeccc6394f4ac2581e49ce36be050f6f738f
a55127826a4c14ffb8a20ab1ca899737dd02f65c2a8c3c566f50a88a23437f13
GET /v1/settings/OA6DlJ56Q760VHaFLnIkJA.json HTTP/1.1
Host: heatmaps.monsido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Origin: https://www.woodsbagot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsEcQoW08AfcoSI1zNZ__by8BD2ZWxsPUc9NUWtETm2iqqmQC1w7gEobgeqqHhGfbvx4f39etsLbugh6ApO3fPqJA
x-goog-generation: 1644878829958334
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 142
x-goog-hash: crc32c=d8Ml1Q==, md5=Ne9rHtKSVC5+zgjjwgZDgw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 142
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 06 Dec 2022 06:37:57 GMT
expires: Tue, 06 Dec 2022 06:42:57 GMT
cache-control: public, max-age=300
last-modified: Mon, 14 Feb 2022 22:47:10 GMT
etag: "35ef6b1ed292542e7ece08e3c2064383"
content-type: application/json
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.woodsbagot.com/
141.193.213.11200 OK 0 B IP 141.193.213.11:0
ASN #209242 Cloudflare London, LLC
GET / HTTP/1.1
Host: www.woodsbagot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Dec 2022 06:37:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
content-security-policy: report-uri https://woodsbagot.com
x-xss-protection: 1
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: default-src 'self'; img-src *; media-src * data:;
x-content-type-options: nosniff
referrer-policy: origin
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin-allow-popups; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), fullscreen=(self), geolocation=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
feature-policy: display-capture 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://www.woodsbagot.com/wp-json/>; rel="https://api.w.org/"
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 16
x-cache-group: normal
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvJeIT%2BIpVIEjmdjZBKRhU1Nc4uozJWcr59CkOzllRkNP7hFuSXVIJFjNuicn5PQ9rnphC9Y2iGIOnkNYjsbUBg0VfDWuQ%2FPvatJjcWKGakQncsG8vlNituxN2EyaU0hscq2AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775303efff22b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
woodsbagotcom.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.woodsbagot.com%2F
44.198.48.12200 OK 0 B URL HTTP/2 woodsbagotcom.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.woodsbagot.com%2F
IP 44.198.48.12:0
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.woodsbagot.com%2F HTTP/1.1
Host: woodsbagotcom.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 06:37:53 GMT
content-type: text/html
accept-ranges: bytes
etag: W/"2759-1594310432000"
last-modified: Thu, 09 Jul 2020 16:00:32 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
woodsbagotcom.mpeasylink.com/mpel/mpel_ssd.js
44.198.48.12200 OK 0 B URL HTTP/2 woodsbagotcom.mpeasylink.com/mpel/mpel_ssd.js
IP 44.198.48.12:0
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_ssd.js HTTP/1.1
Host: woodsbagotcom.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 06:37:54 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"3207-1594310432000"
last-modified: Thu, 09 Jul 2020 16:00:32 GMT
cache-control: max-age=86400
expires: Wed, 07 Dec 2022 06:37:54 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
woodsbagotcom.mpeasylink.com/mpel/mpel.js
44.198.48.12200 OK 0 B URL HTTP/2 woodsbagotcom.mpeasylink.com/mpel/mpel.js
IP 44.198.48.12:0
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: woodsbagotcom.mpeasylink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.woodsbagot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 06:37:53 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"4957-1594310432000"
last-modified: Thu, 09 Jul 2020 16:00:32 GMT
cache-control: max-age=86400
expires: Wed, 07 Dec 2022 06:37:53 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2