firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 19:04:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x1V-AYlgl71vFehEJ_nYrF7j-G7S8X0tsUyxixHPBDzNfnRbOiUung==
Age: 2619
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6029
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 19:47:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ym4zTga72YylXYrphYmPIeoN4wjOFGiknTJsZcJrri1tzBEwDE8bXg==
age: 54752
X-Firefox-Spdy: h2
businessfox.co.uk/how-to-recover-money-from-loan-scam/
192.9.240.77301 Moved Permanently 0 B URL HTTP/1.1 businessfox.co.uk/how-to-recover-money-from-loan-scam/
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /how-to-recover-money-from-loan-scam/ HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Thu, 22 Sep 2022 19:47:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-litespeed-tag: f2f_HTTP.200,f2f_HTTP.301
x-redirect-by: WordPress
location: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
content-length: 0
content-type: text/html; charset=UTF-8
x-url: /how-to-recover-money-from-loan-scam/
x-host: businessfox.co.uk
x-powered-by: PHP/7.4.30
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 19:47:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 19:03:22 GMT
Expires: Thu, 22 Sep 2022 19:15:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SovmcGXFF69juxvRUDsV4hEVavuyeL-B0bi17wPtWdzaKD3r0dSXXw==
Age: 2664
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a7262d796b03d6c0045875639536a241
d856f7f26412d4c0d0fcf92dc94c75385862d07b
be4f4132d8b4202b49b0103021b606eb5ae64075c822d9721f277b6d938ba7bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE4F4132D8B4202B49B0103021B606EB5AE64075C822D9721F277B6D938BA7BC"
Last-Modified: Wed, 21 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Fri, 23 Sep 2022 01:47:29 GMT
Date: Thu, 22 Sep 2022 19:47:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4191
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:46 GMT
Last-Modified: Thu, 22 Sep 2022 18:37:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wFUbDDMIQc2Cp1SiW+SCwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l1H/NdV+QdTRvtc2wh/JO+Xh+6g=
businessfox.co.uk/how-to-recover-money-from-loan-scam/
192.9.240.77200 OK 23 kB URL HTTP/1.1 businessfox.co.uk/how-to-recover-money-from-loan-scam/
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10967), with CRLF, LF line terminators
Hash 4e84d621e9f76ca5a9448353f2ddc9d3
56f6b9f78c161447e19d00f52cf5375d944382d4
607d9ecedcc29937ed77f07240f809593d7c37331a501730a9e9e0cad3ed27d7
GET /how-to-recover-money-from-loan-scam/ HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-litespeed-tag: f2f_HTTP.200
link: <https://businessfox.co.uk/wp-json/>; rel="https://api.w.org/", <https://businessfox.co.uk/wp-json/wp/v2/posts/1542>; rel="alternate"; type="application/json", <https://businessfox.co.uk/?p=1542>; rel=shortlink
content-type: text/html; charset=UTF-8
x-url: /how-to-recover-money-from-loan-scam/
x-host: businessfox.co.uk
accept-ranges: bytes
transfer-encoding: chunked
x-powered-by: PHP/7.4.30
content-encoding: gzip
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
businessfox.co.uk/wp-includes/css/dist/block-library/style.min.css
192.9.240.77200 OK 15 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/css/dist/block-library/style.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (43771)
Hash 03d18babded3cdf7fdacc35cb27a5306
0d74af928ed42928b8f1b055922cd45eb702c41c
b0b858b1c3ef20e6c44c4f66c8656633859612f3e90ab472e856ad49ac2c63ab
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 13 Jul 2022 06:25:24 GMT
etag: W/"15b64-5e3a9d9a9ceff"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
www.bankrate.com/2019/05/12143758/9-ways-to-spot-personal-loan-scams.jpg?auto=webp&optimize=high&crop=16:9
151.101.85.132200 OK 31 kB URL HTTP/2 www.bankrate.com/2019/05/12143758/9-ways-to-spot-personal-loan-scams.jpg?auto=webp&optimize=high&crop=16:9
IP 151.101.85.132:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73283725baf2cc36731de944f7ba2fda
ea6fdb8610e84a140acc25292071ac57c7090923
be0daa3ab87d5c95c59e2e1dd06d089686f659502508cc106dfb1629ff9aab3a
GET /2019/05/12143758/9-ways-to-spot-personal-loan-scams.jpg?auto=webp&optimize=high&crop=16:9 HTTP/1.1
Host: www.bankrate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/webp
etag: "RlFNexiR9d+QWf795ndDpEibIAP2Rzb06ntBB+cU0x4"
expires: Wed, 12 May 2021 18:37:58 GMT
fastly-io-info: ifsz=597618 idim=1280x720 ifmt=jpeg ofsz=31338 odim=1280x720 ofmt=webp
fastly-stats: io=1
server: AmazonS3
x-amz-id-2: uT374mTDSQd/cKMSv5gqBtOIje3mw/AyHffX9Lv7pBXOMlYX1/pY3fDlSHFmdMcHMp6s5FcVCiM=
x-amz-request-id: 82GA6CQNQS5D9H00
via: 1.1 varnish, 1.1 varnish
access-control-allow-credentials: True
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Anonymous-ID
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
accept-ranges: bytes
date: Thu, 22 Sep 2022 19:47:47 GMT
age: 826641
x-served-by: cache-iad-kcgs7200049-IAD, cache-bma1670-BMA
x-cache: HIT, MISS
x-cache-hits: 667, 0
vary: Accept
strict-transport-security: max-age=300
content-length: 31338
X-Firefox-Spdy: h2
businessfox.co.uk/wp-content/themes/lifestyle-magazine-lite/style.css
192.9.240.77200 OK 782 B URL HTTP/1.1 businessfox.co.uk/wp-content/themes/lifestyle-magazine-lite/style.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (351)
Hash ec2ddcc70b5a01a220b85c88310310ed
7e08d33ed30832adc7c40735cb57951f009501c7
9b95bfc3b7fdfb9531e11cf53bf0f63ccb248caf3d3fafee0213934a9f8af99d
GET /wp-content/themes/lifestyle-magazine-lite/style.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Fri, 22 Jan 2021 11:43:02 GMT
etag: W/"58f-5b97bb0d6288d"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04fcf7ddca845d2b087ec43ab5ff0d59
39060a9af77ba92e5db529ba7c79013d205c9423
1ae0d60b572f2075bddfe8ae2034ddd093150d0d18c72d967b3bb8c4abffb23e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fontawesome/font-awesome.min.css
192.9.240.77200 OK 7.9 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fontawesome/font-awesome.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash 2b41128d0224161aa2b68917b7ac9cca
89974dc8618f618da0bbdc71ee13ee32ba4f365e
0fa4fbd34335aa8911086b3a19e6e9538b515897cf65a41fa308c5ddf462fba1
GET /wp-content/plugins/blog-sidebar-widget/public/css/fontawesome/font-awesome.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 15 Dec 2021 18:25:52 GMT
etag: W/"791c-5d3336f95fe80"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/blog-sidebar-widget-public.min.css
192.9.240.77200 OK 5.3 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/blog-sidebar-widget-public.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (19183), with CRLF line terminators
Hash fac539c20ab7361fb574c6e3d435c6e9
ec6c2855040db5a20618702a04d0b2ec69156327
b627646da9718a7b6a52619f2f390b798c5887d44804a6d82614143c86c9d26b
GET /wp-content/plugins/blog-sidebar-widget/public/css/blog-sidebar-widget-public.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 15 Dec 2021 18:25:52 GMT
etag: W/"647f-5d3336f960268"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css
192.9.240.77200 OK 1.1 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
Hash 9483627a98b2e87ac513871700d40468
f3c9d4a837d7082bc54805030e2f026e64725ecd
d9f2d020800334edfabb809ab6b976d89dc056861db76ea51fc22417ed938404
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 07 Sep 2022 06:26:08 GMT
etag: W/"aab-5e810637017f4"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
www.google.com/recaptcha/api.js?render=6LclgochAAAAADwKTH5iNP5ozYo4bJvMbBeW9ATV&ver=3.0
142.250.74.164200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LclgochAAAAADwKTH5iNP5ozYo4bJvMbBeW9ATV&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 83bd682042ee9b7bfd1f0050546af432
15534990d57db1a74a11dd8a594a58d5190c98cc
41771d49998c273a0817fb0dbf1a8d3cda418e90ee353516f5e93dee041e4b1d
GET /recaptcha/api.js?render=6LclgochAAAAADwKTH5iNP5ozYo4bJvMbBeW9ATV&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 22 Sep 2022 19:47:47 GMT
date: Thu, 22 Sep 2022 19:47:47 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
businessfox.co.uk/wp-content/themes/wp-magazine/css/owl.carousel.min.css
192.9.240.77200 OK 956 B URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/css/owl.carousel.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (3075), with no line terminators
Hash 0c7cc535922dd3d8772d8f4f2c5e5861
fb4c6be60f34fe9dcdfc48d2576e1e2943fefe60
378b9804ceb86a99d2c2a359eb436e023fcd03dbd03610634fbc6016f78fc71e
GET /wp-content/themes/wp-magazine/css/owl.carousel.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 11 Aug 2021 18:25:22 GMT
etag: W/"c03-5c94cbdc597ab"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
businessfox.co.uk/wp-content/themes/wp-magazine/css/layout.min.css
192.9.240.77200 OK 2.4 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/css/layout.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (12260), with no line terminators
Hash 9306f2ae17a4d3b7ff5eed69023d7162
5617cacc96431cec4a03a03f1ea83b3de6397956
d764b3eb6c95e39eab16221fbea0d38c1e0a85f6a183c890b979034f5e08c3f9
GET /wp-content/themes/wp-magazine/css/layout.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 11 Aug 2021 18:25:22 GMT
etag: W/"2fe4-5c94cbdc593c3"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css
192.9.240.77200 OK 553 B URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (404)
Hash 48a412f10f9d3f50ae0fbe7caf3bf984
5bca3ecd0cc52f73bcbd523f7733fc17f8a46a46
f8266d296d70fbfa01185cea4e284339e1ef8d75f49632177da5bab2fdd4e01d
GET /wp-content/plugins/recent-posts-widget-with-thumbnails/public.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 24 Aug 2022 10:49:24 GMT
etag: W/"52e-5e6fa6f2a9858"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/wp-review/public/css/wp-review.css
192.9.240.77200 OK 8.1 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/wp-review/public/css/wp-review.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type Unicode text, UTF-8 text, with very long lines (406)
Hash 858e4f893b1cc1a4ac12bcc7253f8a4d
448ea532832cadd70a9c081764a0fc448d7a14ff
85ef9e1657e8048b61909f0c7e661527b4b493eb601423a5e0d964febfdea9fa
GET /wp-content/plugins/wp-review/public/css/wp-review.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 07 Apr 2021 18:24:51 GMT
etag: W/"92f1-5bf660bf484f2"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/style.css
192.9.240.77200 OK 15 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/style.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (567), with CRLF line terminators
Hash d21f97cc0106be166ec4aa70ecf5d03e
72890d0213e97d77caaeeb11a6057fb64842e73e
115a9303622120ae3ce6accaddcc31541fb675a672934e17428dfd83215a09d8
GET /wp-content/themes/wp-magazine/style.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 11 Aug 2021 18:25:22 GMT
etag: W/"d918-5c94cbdc633eb"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/css/bootstrap.min.css
192.9.240.77200 OK 22 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/css/bootstrap.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (65371)
Hash a2404e96f3f23e8ed4c854e9a697b01a
fe61c747f87f2fb85b7fecced0f22d1478ada0ea
884cfe74401901bff1d7b1abe8d41d1623f2fb56bc21bbcd86ce620d8cd5396d
GET /wp-content/themes/wp-magazine/css/bootstrap.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 11 Aug 2021 18:25:22 GMT
etag: W/"1a7b8-5c94cbdc58fdb"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/jquery/jquery.min.js
192.9.240.77200 OK 36 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/jquery/jquery.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (65447)
Hash 534bdc97f42e7a58204fdd874611ef3f
b9272137045b3a53f2fe8df5532a88a405f9d345
d1007821528b889920588946fd3a594468ec8ca68a1ad08bc1d7d1fbd1a320e5
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: W/"15db1-5bd3006388300"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/js/loadmore.min.js
192.9.240.77200 OK 454 B URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/js/loadmore.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (537), with CRLF, LF line terminators
Hash 147c3ce08a24f1852845b29959df9b9a
aefe3e4ca9e9145e88581910f11656c0a54b14f7
53fc7b7179563c3f40b554cb90151736c3bbaa67ad20eea8f6208d01271acfe6
GET /wp-content/themes/wp-magazine/js/loadmore.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Fri, 13 May 2022 13:13:22 GMT
etag: W/"359-5dee4705db6db"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/jquery/jquery-migrate.min.js
192.9.240.77200 OK 4.6 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (11126)
Hash 102827cbc225b0d82ee214c088f2fc6a
c92e4d3cf4d2120a63b54aac4a1a6b6e512b648c
801a330ea17b34a2b3db49792a66edaf346d7bd1670f9233e557f17298dc3d46
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"2bd8-5b45debe27b80"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/wp-emoji-release.min.js
192.9.240.77200 OK 5.8 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/wp-emoji-release.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (15660)
Hash 0d70e403550a355ba9021a55ccf5018a
5021a2b650dccd50406f84dc6bec46e7b60a60a8
b0f6739dc28865f59325d9957120f360becc1ed711da6a95915976554482f85e
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 25 May 2022 06:25:33 GMT
etag: W/"48b9-5dfd023f74ff5"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.9.240.77200 OK 3.0 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (11256), with no line terminators
Hash 33827ef6a36eafa94aea2bc1a994ed0c
153695f9f9bc629c356a8d30097723cb91f631cd
6a26d6aa43f45695a8f77641f4add7c921798011fec1437be2fdfae2d1cba86b
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"2bf8-5b075c75d5c80"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.9.240.77200 OK 1.3 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (4186), with no line terminators
Hash abb0c089c49d2b20eb05eb03fef15c9c
c9e4b809766ec02e568a9b70a181a7ef8b4b3fae
83357bcdb5d314967ba523b79bd1aed4e0f0c7cf22eca9eab10b5db438c83986
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: W/"105a-58ac1e7924f80"
accept-ranges: bytes
content-type: text/css
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/isotope.pkgd.min.js
192.9.240.77200 OK 12 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/isotope.pkgd.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (32019), with CRLF line terminators
Hash 0edf888560ca54744634872e03234377
cdd274550daa3a91da0de866a2db607acc28f4f1
80376a2c15afbf006ef52ccf42e724ac7e8449946ad7a861148a3b8f2dc6638e
GET /wp-content/plugins/blog-sidebar-widget/public/js/isotope.pkgd.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:47 GMT
last-modified: Wed, 15 Dec 2021 18:25:52 GMT
etag: W/"8a80-5d3336f961208"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
businessfox.co.uk/wp-includes/js/imagesloaded.min.js
192.9.240.77200 OK 2.0 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/imagesloaded.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (5477)
Hash a01a1758b0d20db1ead1ea0d696243b9
bdf1f7fb9bfb1e11c55cdc9756591af64edf989a
4a26f7b00f794073b6199e0b76441ec22e06b0c0c9ee247e9d1e6b322708d00b
GET /wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
etag: W/"15fd-5a7fbb57c37c0"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
businessfox.co.uk/wp-includes/js/masonry.min.js
192.9.240.77200 OK 8.5 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/masonry.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (23966)
Hash 503f2b5b5780657b542e5784264697d3
21297caa59e6e54868996621f168a9a06f39e5cb
56083ca7334346e8c302c896e05428680be47bd15eca48025e5f49a9bec798f3
GET /wp-includes/js/masonry.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
etag: W/"5e4a-5a7fbb57c37c0"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:32:09 GMT
expires: Thu, 21 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 87339
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/blog-sidebar-widget-public.min.js
192.9.240.77200 OK 464 B URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/blog-sidebar-widget-public.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (1098), with no line terminators
Hash c3b4abcb9e8771102dd6a05d6db120be
eb6232e614651b6fe3a69e53f31ab0dfbb606717
6979c52ba93f8d549fd1d7a725084eb3c3aaaf9592a83f63640036cec7d4fbcf
GET /wp-content/plugins/blog-sidebar-widget/public/js/blog-sidebar-widget-public.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 15 Dec 2021 18:25:52 GMT
etag: W/"44a-5d3336f961208"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 87409
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/fontawesome/v4-shims.js
192.9.240.77200 OK 5.2 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/fontawesome/v4-shims.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (15378), with CRLF line terminators
Hash 137b258d6f330daf496280f364d81173
27fe83bd056f696a9ee9ceecfb4f74de25f1f4cd
4f127c89506a96058f4fef569a633dd0a53610b8fa12bd70a95eb612f265ca95
GET /wp-content/plugins/blog-sidebar-widget/public/js/fontawesome/v4-shims.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 15 Dec 2021 18:25:52 GMT
etag: W/"4477-5d3336f961208"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 87409
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:26:57 GMT
expires: Thu, 21 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 87651
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:03:15 GMT
expires: Tue, 19 Sep 2023 20:03:15 GMT
cache-control: public, max-age=31536000
age: 258273
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
businessfox.co.uk/wp-content/plugins/contact-form-7/includes/swv/js/index.js
192.9.240.77200 OK 3.2 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (9680), with no line terminators
Hash 4e52c24cbd0a7b8579e8be4e1efd5a2d
0b866b387648e34394dafc4263c29530f17141d4
3efb12aafb0c9eb16e40aa1806c9d857d483bf20650da93ec72913195f71bee5
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 07 Sep 2022 06:26:08 GMT
etag: W/"25d0-5e81063700854"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8754
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 19:47:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8754
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 19:47:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u2ObvTaTM2JREJRnWVxEdqPXYFWTdrtlqLLbHugcsNbENjZq63rKVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:24:06 GMT
age: 15822
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 79162
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 80019
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 80019
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 79161
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 05:53:43 GMT
age: 50045
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
businessfox.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js
192.9.240.77200 OK 4.4 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash b372586fd0b463e92c8a57071a51f649
f45b03dde73f06db49bbd1d0904d94a5c1c9e967
bc80e94f5f62e852beecd2c2e2920794086c0239f7643ae2ea4bc48023467f67
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 07 Sep 2022 06:26:08 GMT
etag: W/"2fb3-5e810636f970b"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/js/fontawesome.min.js
192.9.240.77200 OK 14 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/js/fontawesome.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (37306), with CRLF, LF line terminators
Hash c42bb1d3923ac77269f416f97ac2bb73
c196da9f56b13a8a75bfe9dda446e9a15aabb78f
ba101645523f66922188c7c2b957dbeff4a14f5a50108947354f5dd495d25753
GET /wp-content/themes/wp-magazine/js/fontawesome.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Fri, 13 May 2022 13:13:22 GMT
etag: W/"92fa-5dee4705dc293"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/js/owl.carousel.min.js
192.9.240.77200 OK 13 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/js/owl.carousel.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (42634), with CRLF, LF line terminators
Hash 19937e6eb3a46dab481cc1b7bfcb1256
7ff31b480cea3e72889078b3992ffb541f7e9b38
ec5fb21db4d5d1c16b6a6f9b420c3c57ac8346cb323f9e0bdc39e0d424737d98
GET /wp-content/themes/wp-magazine/js/owl.carousel.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Fri, 13 May 2022 13:13:22 GMT
etag: W/"a7ca-5dee4705dbeab"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/js/navigation.min.js
192.9.240.77200 OK 1.1 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/js/navigation.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (2908), with CRLF, LF line terminators
Hash 5c4890d9b582bb52defedcbffcceb418
0f21a7a9f65ba76f152e09dc91f58c7b7379b1df
f22c304e04495d1c7f8bf873b06ecc7f11b6a0841ef4d88631a42b9fb3bd5eb7
GET /wp-content/themes/wp-magazine/js/navigation.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Fri, 13 May 2022 13:13:22 GMT
etag: W/"c9c-5dee4705dbac3"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/js/script.js
192.9.240.77200 OK 1.7 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/js/script.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with CRLF, LF line terminators
Hash 61c2cf5ddc9a8202733d8b6a3474d7fd
1bfb6e6abff315c4aac10e43ade7a4ca3e030ccf
e290c78a61aabbc489ffd0fb1da420a8b712040a896ddea314879a141b98e3f9
GET /wp-content/themes/wp-magazine/js/script.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Fri, 13 May 2022 13:13:22 GMT
etag: W/"19cf-5dee4705dc67b"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/wp-review/public/js/js.cookie.min.js
192.9.240.77200 OK 895 B URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/wp-review/public/js/js.cookie.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (1694)
Hash bdae2725d31eabc41095ed956359d68b
c46f7924f7058abcdc755b6435eb105fffdcdbee
ff3023b1a4538d8a9bdb793b619c5356e134204d855ccc92560b26e43d2684ec
GET /wp-content/plugins/wp-review/public/js/js.cookie.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 07 Apr 2021 18:24:51 GMT
etag: W/"69f-5bf660bf4a432"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/underscore.min.js
192.9.240.77200 OK 8.1 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/underscore.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (18876)
Hash 53ea51a594a2ff9fcdde06992f23a7bb
015702b42c7683e418a6feca3de94c11c5a7413f
09c0c231cbf8a0687f57e62758a9b5ca9eade33215816ecb74b7df43d3e464b0
GET /wp-includes/js/underscore.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 25 May 2022 06:25:33 GMT
etag: W/"49df-5dfd023f5d50c"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/wp-util.min.js
192.9.240.77200 OK 725 B URL HTTP/1.1 businessfox.co.uk/wp-includes/js/wp-util.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (1305)
Hash 9d78758290a094e6627be8762a31fcee
71d8ac8fe3db68510686b0f4e00ce62f71736133
bfcf53f00b9d4881c9297247f2a75a16f766f91b97ff7cc385f0bbbf4d605825
GET /wp-includes/js/wp-util.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
etag: W/"53c-5c59844787880"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/wp-review/public/js/main.js
192.9.240.77200 OK 1.2 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/wp-review/public/js/main.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
Hash debfd42de2c0ef6763725df14c818466
3d6f4641353b1186aae9d7af9e81e5be0129d1d7
bf53b6a67c50238ef557036fa8192b677c9638de9036e1d606cabac12f4abab8
GET /wp-content/plugins/wp-review/public/js/main.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 07 Apr 2021 18:24:51 GMT
etag: W/"bdb-5bf660bf4a432"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/dist/vendor/regenerator-runtime.min.js
192.9.240.77200 OK 2.6 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (6475), with no line terminators
Hash b35e88f30d146af109c77e4a9e47e5f5
67a88cd27b99570a676bb69f8ce18c6c199da08f
4e45d9f9d6675730d5e45247d452f8008e6c7a04ad373ce06939b9db73b77862
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 25 May 2022 06:25:33 GMT
etag: W/"194b-5dfd023f6232c"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/dist/vendor/wp-polyfill.min.js
192.9.240.77200 OK 8.0 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 8e27ae3ae0c7797a5cda423c328175e1
9822bc4d2470422966b697760d49a991caa0d223
fada863634096bf5aca92792e206fff48b8e74a2b59ba08c46d1c6ef588a6183
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 25 May 2022 06:25:33 GMT
etag: W/"4ac6-5dfd023f61f44"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
192.9.240.77200 OK 525 B URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (999), with no line terminators
Hash 0762f272b8355a01bce2b7ca9e69b804
3321011612fc4679ad9e65870e784f63bba853de
573746b186d9fd398e43cfc31a07fc1bf4432f631d4caa9938071aa14861a82e
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 07 Sep 2022 06:26:08 GMT
etag: W/"3e7-5e810636f3563"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/featured-image-from-url/includes/html/js/image.js
192.9.240.77200 OK 1.1 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/featured-image-from-url/includes/html/js/image.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
Hash 9b51ba76c0ec7eefa328feaf5de9b62b
b3119212cb4c683b3a741eaa4fb39c8510b4e5a1
9ebdea96c7c2535f1bd608e94acfbceb36f40710d461c826f5ee41be0a3b3b3c
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 21 Sep 2022 06:28:54 GMT
etag: W/"ef2-5e92a0f13d930"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/mediaelement/mediaelement-migrate.min.js
192.9.240.77200 OK 561 B URL HTTP/1.1 businessfox.co.uk/wp-includes/js/mediaelement/mediaelement-migrate.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (1191), with no line terminators
Hash 0bff3e02b7ffb09166f4585d5cd7219d
1e80822f6f1311c9a5f1091af24367015a8ec6b1
227b0999aec4912f9d10616c0330d0f6d2bdbe357d938379f33bed0e2b712397
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 25 May 2022 06:25:33 GMT
etag: W/"4a7-5dfd023f5e4ac"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/mediaelement/wp-mediaelement.min.js
192.9.240.77200 OK 488 B URL HTTP/1.1 businessfox.co.uk/wp-includes/js/mediaelement/wp-mediaelement.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash a7881a4393c700e3f7c345aec96a00e4
1eab4d3c10b0a27807d29693a718664627c362ba
7adfc8a6e51546a27243992168a16a9199ad694be7e149b69b82409d73856d99
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
etag: W/"38a-5b955069f1180"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-includes/js/mediaelement/renderers/vimeo.min.js
192.9.240.77200 OK 2.5 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/mediaelement/renderers/vimeo.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (6194)
Hash ba3b05f61e4098cfa22900be9238b0f2
1570d9756b4e0c501e4609751561768d67611856
a582727cf41b6b132a778ff1574bfccfbaa0ab8403a9a6ef61f63b95226dbf41
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"1940-5b075c75d5c80"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/fontawesome/all.js
192.9.240.77200 OK 518 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/js/fontawesome/all.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (3431), with CRLF line terminators
Size 518 kB (518353 bytes)
Hash c333990e1b6c245a8a182c9b3e7783b7
79f97f5e3c948f04583a878cbd30774ee014ca4a
f7b9013782d825e216a7f75f543db3b1cea2078096a6a99b8bdbccc80844ec80
GET /wp-content/plugins/blog-sidebar-widget/public/js/fontawesome/all.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 15 Dec 2021 18:25:52 GMT
etag: W/"135181-5d3336f960e20"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
english.cdn.zeenews.com/sites/default/files/styles/zm_700x400/public/2021/10/17/980205-untitled-design-2021-10-17t171122.453.png
23.36.76.160200 OK 12 kB URL HTTP/2 english.cdn.zeenews.com/sites/default/files/styles/zm_700x400/public/2021/10/17/980205-untitled-design-2021-10-17t171122.453.png
IP 23.36.76.160:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 556da35b926c68934347b960fc84d788
9a24534f5ee85ecaacc7470a394831f3cb5cb7a8
1e8643068726b13a0801219c9c6ae80376935fb1e059993553df221df3aec0e2
GET /sites/default/files/styles/zm_700x400/public/2021/10/17/980205-untitled-design-2021-10-17t171122.453.png HTTP/1.1
Host: english.cdn.zeenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "5c35f68f85d65b864c6366bbc54e445f"
last-modified: Sun, 17 Oct 2021 11:42:29 GMT
server: Akamai Image Manager
unused62: 8096267
content-length: 11998
content-type: image/webp
cache-control: private, no-transform, max-age=1199360
expires: Thu, 06 Oct 2022 16:57:08 GMT
date: Thu, 22 Sep 2022 19:47:48 GMT
X-Firefox-Spdy: h2
businessfox.co.uk/wp-includes/js/mediaelement/mediaelement-and-player.min.js
192.9.240.77200 OK 47 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/mediaelement/mediaelement-and-player.min.js
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (65266)
Hash b1e0da57c4da37b8390638f3e3fedefc
6ce1a34c11086d4d128e2c3832ba3616c46ab199
65afd349f9d1a52ec95825743b8087d4f1618a94eb878f9eb1abad1706bb20b8
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"267aa-5b075c75d5c80"
accept-ranges: bytes
content-type: application/javascript
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
businessfox.co.uk/wp-content/themes/wp-magazine/images/search.png
192.9.240.77200 OK 5.7 kB URL HTTP/1.1 businessfox.co.uk/wp-content/themes/wp-magazine/images/search.png
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type PNG image data, 433 x 433, 8-bit/color RGBA, non-interlaced\012- data
Hash ee9100c78587d23d6947bd089ddc69a5
97d0abdc01e843c67432e37f4643211d159133e1
a1be38bac156011ff599a1d1959350a425f83ffae1647aab1b166bb6ac6d7e73
GET /wp-content/themes/wp-magazine/images/search.png HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/wp-content/themes/wp-magazine/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Wed, 11 Aug 2021 18:25:22 GMT
etag: "1620-5c94cbdc5bebb"
accept-ranges: bytes
content-length: 5664
content-type: image/png
x-powered-by: PHP/7.4.30
businessfox.co.uk/wp-content/uploads/2021/01/Margaret-Rich.jpg
192.9.240.77200 OK 405 kB URL HTTP/1.1 businessfox.co.uk/wp-content/uploads/2021/01/Margaret-Rich.jpg
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=NIKON CORPORATION, model=NIKON D7000, xresolution=140, yresolution=148, resolutionunit=2, software=Adobe Lightroom 3.1 (Windows), datetime=2019:12:27 13:00:32], baseline, precision 8, 1359x2048, components 3\012- data
Size 405 kB (405174 bytes)
Hash 92f511477b1c79080462403481a0ae02
43f0e0b58a57a1392561b6316dec52c3bb4b3ae1
72f90bae85c769bca87d4be66608a7c80150c948336ad19f7d4eeea3179e754b
GET /wp-content/uploads/2021/01/Margaret-Rich.jpg HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:48 GMT
last-modified: Fri, 22 Jan 2021 12:48:38 GMT
etag: "62eb6-5b97c9b71690b"
accept-ranges: bytes
content-length: 405174
content-type: image/jpeg
x-powered-by: PHP/7.4.30
businessfox.co.uk/wp-includes/js/mediaelement/mejs-controls.svg
192.9.240.77200 OK 4.6 kB URL HTTP/1.1 businessfox.co.uk/wp-includes/js/mediaelement/mejs-controls.svg
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4597)
Hash f0849a5e79712b10e1531925e3edb879
a5fd4a315cb977532daca83c130ce8ffc57f6f3f
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
GET /wp-includes/js/mediaelement/mejs-controls.svg HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:49 GMT
last-modified: Tue, 01 Aug 2017 04:43:51 GMT
etag: "11f6-555a9cb3a8fc0"
accept-ranges: bytes
content-length: 4598
content-type: image/svg+xml
x-powered-by: PHP/7.4.30
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bbf51d84a6fa5dff98b5ff0bb40e1597
03d17bd681162e0eb11bd1c8e90881a7330fc938
0dd8854e3e8ce90e64ae6fe3df761e802acaa9e41bd6bc387a372a5e6e15b58f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DD8854E3E8CE90E64AE6FE3DF761E802ACAA9E41BD6BC387A372A5E6E15B58F"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 23 Sep 2022 01:47:49 GMT
Date: Thu, 22 Sep 2022 19:47:49 GMT
Connection: keep-alive
web-security.cloud/event?l=115
95.217.165.152200 OK 77 kB URL HTTP/1.1 web-security.cloud/event?l=115
IP 95.217.165.152:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (4757)
Hash 81c395ec1f4080d286eddd5a3e7885b8
d1503e37df5e6c9b4ccca7705bbc7ab9170b531a
43e7f17fc31636e7ecd8c5d14e970cce2ea4e80e84e3e9728e78afc3193f443d
Analyzer Verdict Alert fortinet Malware
GET /event?l=115 HTTP/1.1
Host: web-security.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 22 Sep 2022 19:47:49 GMT
Access-Control-Allow-Headers: x-ref-url, x-event-receiver
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImpraDFpWVo5bWgxczdTMUZLckJwbUE9PSIsInZhbHVlIjoiZXJuSFdpZTdoZHZzNE01YkN0T2dcL0tsM1h0bUJqSnB2c0ZaQ3RTaWRsU2FZTzR5a2c2WjdUSkM2YWhIZ2FxT0t0RVRBa1d1UU93cklrRDdiUzcrOWNPQlpFOG1pcFcrS3BWZHlhQldhRTJcL29jMkhtd21najFKTCs2WDdqdFArViIsIm1hYyI6ImJlODU3YzI1NDRiODY4MDZkZjMxNmM0MjA5NmMzM2UxMzE1MDdjY2VkYTZlYWRiMDY5YzFhYmViYWUyNDRiZGIifQ%3D%3D; expires=Thu, 22-Sep-2022 21:47:49 GMT; Max-Age=7200; path=/; samesite=lax
pandora_b_session=eyJpdiI6IjJSbElpaDBWYUZjNFwvS0tqVkgyVWlBPT0iLCJ2YWx1ZSI6IitIMU82azB3b2l4YTZOcmlUSjJFTlwvRWpmTVpsNkN0aHZXYm1McW5ZTmt1cm5POWdyaXlWVGxlenFiMVlwQVwvNlNwXC96N2IzRW5SdldtRWhZWFVoazV4dFVqazJZeDJTUXpYWVwvdytTMWhnb2hpODdxXC9jMDQyckE2RlVSTVVNNnEiLCJtYWMiOiJkYjRhN2NjNWE1NmMzYWJiYWI2YWM0MDM2OGU4ODJkMjY2MDMyN2EyY2FiYzBkOWFlN2U2YjMwZjhmMzgyMWNkIn0%3D; expires=Thu, 22-Sep-2022 21:47:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax
event_rid=eyJpdiI6IjJVOFZTNHFkcUQxK1wvZWw4WDZmcm5RPT0iLCJ2YWx1ZSI6InkyUCtiNVYyZlFia04yMHJybDN3V0N6N0hRY2FsTWVPRmlHS2xlMjc2YkhJeHhsZzRtOHZybkJcL3VUbkhXRWVDbUFwWGxLcitVYkNQWEp6VG5mc0FmQ01KYUJleWMxaDVrdkJld2NXT1wvcVU9IiwibWFjIjoiYmI0NGJlNzczMTliYzI3Zjg3YmZhMmNmZDc5YTFkODFmMGEwNGQzNjcwN2M3OGQ5MTM3NmUzNDJmMDQwNTNmYyJ9; expires=Wed, 12-Jul-2322 19:47:49 GMT; Max-Age=9460800000; path=/; httponly; samesite=lax
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.woff2?v=4.7.0
192.9.240.77404 Not Found 85 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10967), with CRLF, LF line terminators
Hash fed9192a8222a990e1a7455a6aa8b2a2
57393803b0a154e347c1112003e9aed3e525fdf5
7b4fd17f31431d1a1390681965d7f3c0ff39bd7d38e5454046e31c295ad69091
GET /wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fontawesome/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
date: Thu, 22 Sep 2022 19:47:48 GMT
pragma: no-cache
x-litespeed-tag: f2f_HTTP.404
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://businessfox.co.uk/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
web-security.cloud/track?l=*?ts_id=115
95.217.165.152200 OK 316 B URL HTTP/1.1 web-security.cloud/track?l=*?ts_id=115
IP 95.217.165.152:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 973910b68ac656280824358258bec475
5158cb23b958f45b7ddcb78c8046eb3e3a833e40
e0e08be323c3b010b4b8af4b3b892f4069555765c224ef01ba2aec6d854eecf0
Analyzer Verdict Alert fortinet Malware
GET /track?l=*?ts_id=115 HTTP/1.1
Host: web-security.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 22 Sep 2022 19:47:49 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlluVzZRQTB5QzZWdlBlYjhCZTJZRkE9PSIsInZhbHVlIjoiZlVLZnNxdVIrbjFmWG5yYnlGMWMzT09KSDhKM2haK1wvejJoQXd6YWtLNUE3Z0ppeFRmaG5IQTc3R1BTbmFWYTRYaHBURURlSGdHUno2dTF4S1loY2ZjUEFPZmNiTVRZek43bDJ4VUxzdnQ3SXdjd2dQT3lcL2tyVDlpbTE4WTBQSiIsIm1hYyI6IjEzMzIwNTBjMTQwNDk0N2M0ZTQzNzQxNDYwMTE2NGEzNzBkYTYxMmM5NjEwYmE4MmYyZTAxNzllMzNiYjQ0MjMifQ%3D%3D; expires=Thu, 22-Sep-2022 21:47:49 GMT; Max-Age=7200; path=/; samesite=lax
pandora_b_session=eyJpdiI6ImNmaW9QaG9ObngrczRZaXB5bktjVHc9PSIsInZhbHVlIjoiVERtNTM1d0lUYnl4K0tKVGhITmY5OHZRRWtoVnBXSDNhRUh5bGg4Y3c4eTlINUtcL2xoc3J6MytcL1k0XC9BTjNKeGVTXC9wTGRUenZMcFBGdWFUNzU2M2lFQWNUOTExQWpUSzhVWFRlSzRTWmpZckJqbVwvVmF3YlVQWTlMOGdPTG1YMyIsIm1hYyI6ImE4MTIxODg5ODdiMDVmOTRmZjMwYzZjZGM1ZWVlMzBjN2U0Njc5M2VlNDc2YzNmNTVkMjNiNjJjYmQwODBhNTIifQ%3D%3D; expires=Thu, 22-Sep-2022 21:47:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-48025714-14
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-48025714-14
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash e09060f91c5e8d0645a4a1bf485296e8
51af0314dced3d8b931f6c13b1588b5c4d437162
bfb75655a4ebeee3e7c88522a7f61d546ede262c4e5759ce7a8685a274cf715e
GET /gtag/js?id=UA-48025714-14 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web-security.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 19:47:49 GMT
expires: Thu, 22 Sep 2022 19:47:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba15216dc3550338d3a6e784a1d0d2ac
54bd135dacdb7cbcbfa9331050b15bc36792a0f0
9c8cc552de2fb91c903c334c971152355796aa52047cfd487baf3c0610b652e4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9C8CC552DE2FB91C903C334C971152355796AA52047CFD487BAF3C0610B652E4"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8753
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 19:47:49 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web-security.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 22 Sep 2022 18:41:09 GMT
expires: Thu, 22 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 4000
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
web-security.cloud/handle?eventId=12011282&eventAppId=131&eventTypeId=1&clientId=60253396&clientUuid=354e5e3c-0fe3-4425-a2c1-972623518a2c&l=115
95.217.165.152200 OK 38 B URL HTTP/1.1 web-security.cloud/handle?eventId=12011282&eventAppId=131&eventTypeId=1&clientId=60253396&clientUuid=354e5e3c-0fe3-4425-a2c1-972623518a2c&l=115
IP 95.217.165.152:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash f5ccbae6d60b489ddbe29a4dbdc4ac17
28b03c977a80445084b0b3188ecfb198d057d127
21b4386af1061257ca46ee90808726f154eaa8b432523ccd6e1463380794f23c
GET /handle?eventId=12011282&eventAppId=131&eventTypeId=1&clientId=60253396&clientUuid=354e5e3c-0fe3-4425-a2c1-972623518a2c&l=115 HTTP/1.1
Host: web-security.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 22 Sep 2022 19:47:49 GMT
Access-Control-Allow-Headers: x-ref-url, x-event-receiver
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://businessfox.co.uk
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkxkRUhocGZiUWRWQkdZenNkakpESFE9PSIsInZhbHVlIjoicGxHbzJTY1B4c2lqcGh1MlZuQkcrWUVTR0xmdTY5bGVYbzJuZDhFaFNlSUpocnVSOHhvZFhzTDkwb0diNXQxb3FYWGRWZVE5d3RKTGlIbnl3NUxxVU9XNW9Sd05iU0l0SlgrdDN5WlNUKzNlendVSjMzblQyQmxlZDlydkdVdnUiLCJtYWMiOiJlNmUxNGJjNzg4YjVkZTQ1MTZlMDRhYWQ4Y2FkYzNkMmRjYzFjOTZlNzc2MzlkYmYxZWMyOGI2MjdlMGNmMDVhIn0%3D; expires=Thu, 22-Sep-2022 21:47:49 GMT; Max-Age=7200; path=/; samesite=lax
pandora_b_session=eyJpdiI6ImpcL2tvM2tIQlwvZ1haN2pEMTVKOW1jdz09IiwidmFsdWUiOiJNc0dFN3lUMHNUTThtQm1QUzJyNDZzY0FtYVhOMVM4dkFPdDVQXC9CRnhqOFpTVmRMWXpqcTRNam8xSzd4cUFBVTVhZkpUWmtocUI4UGpkZkdDUGZFeWY0aDdXSVQzdk9sOVMwWVJSdXFUdmdUelUycDJnZFJzQXZhWGtRVGtRd3YiLCJtYWMiOiJmM2U3YzdmZWVlNWU3MzNmODhiZGJjODExYjJlZTcxMWM2OWM3NzhmZGZlOGI2YWFlZTg0ODgwYTM5ZDQ2ZTU1In0%3D; expires=Thu, 22-Sep-2022 21:47:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
businessfox.co.uk/wp-admin/admin-ajax.php
192.9.240.77200 OK 27 B URL HTTP/1.1 businessfox.co.uk/wp-admin/admin-ajax.php
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type very short file (no magic)
Hash 6cda880e7dc4d594f23ef39f8a2eccb8
d93d20d10f0606dda54f15f3a53fc4f41c88663b
3f439f41bb642129a6dbec245fa4ce3ab495f0656c7dbf0d6a6da6fc0e9212b7
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 29
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://businessfox.co.uk/how-to-recover-money-from-loan-scam/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 19:47:49 GMT
pragma: no-cache
access-control-allow-origin: https://businessfox.co.uk
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-litespeed-tag: f2f_HTTP.200
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-url: /wp-admin/admin-ajax.php
x-host: businessfox.co.uk
accept-ranges: bytes
x-powered-by: PHP/7.4.30
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
travel-guide.club/wp-content/uploads/2020/01/logo.png
172.67.157.64200 OK 14 kB URL HTTP/2 travel-guide.club/wp-content/uploads/2020/01/logo.png
IP 172.67.157.64:0
File type PNG image data, 528 x 201, 8-bit/color RGBA, non-interlaced\012- data
Hash 43c617b137f7071e7b5004030bd18198
377eb9192575e670a48bda3b70902aab04f4cd62
5d964fbe448e0af678ece8d3a79141237898b9a76b470ca4e954507f8026e171
GET /wp-content/uploads/2020/01/logo.png HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: image/png
content-length: 14329
last-modified: Thu, 02 Apr 2020 04:24:58 GMT
etag: "5e85691a-37f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yyg3CPUjJXvMQ3yYR%2BsT4IcII9YpFECGBRGaYgWgAwuIPmUhXq01LvF59fd6455cq2tyFRTSuVJSXz%2Fu1%2BhXAuSzIJqS8lrDQNnAvqGw8oN6QrMyoDVTr8clT0hfkG0sViNaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aa9fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
travel-guide.club/wp-includes/js/wp-emoji-release.min.js?ver=5.5.10
172.67.157.64200 OK 28 kB URL HTTP/2 travel-guide.club/wp-includes/js/wp-emoji-release.min.js?ver=5.5.10
IP 172.67.157.64:0
File type ASCII text, with very long lines (11272)
Hash e52b4757c3dcd13c33964759131b2907
b0492874a93060e608422baadccd11f99f6350d2
6a9872a79b4a9e2c8c70967ebb9c42eddb818a7192d76bc19305e0461668acb9
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.10 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 21:33:59 GMT
etag: W/"6078b147-3795"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 656751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FJaighpZnXmmRlGkkPc0EXo2WaEMHe%2FK21QGeLK6F%2FGCLoR49t8BBZOrHPm1%2BErWu4LHzsA8ToBOZPU1EQQZIsS9ySof1xHB%2BX5SJK%2FPhKD0RHnn%2BInlUhhlwmvSusDdg1d3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfdaacafac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://travel-guide.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:16:50 GMT
expires: Wed, 20 Sep 2023 17:16:50 GMT
cache-control: public, max-age=31536000
age: 181860
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travel-guide.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2
172.67.157.64200 OK 25 kB URL HTTP/2 travel-guide.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2
IP 172.67.157.64:0
File type ASCII text, with very long lines (401)
Hash 550e6e3e5cb3b8cc090f5b2a90fb98ad
81b88a05e945d52dc796235ba2955d171cb0e000
686edb483282e0e456d0062ac8762e2a1e6130c785361a6cdb2582fa11ba1ed8
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Wed, 25 May 2022 19:25:04 GMT
etag: W/"628e8290-17e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcuIA74JasLVHvp5kXBwLYyJD63ZQBRsPpNMx7kovAjAfnWV8mbzhhUWQYzNqG3Kmyp3INWhVju965Q8Gl8hP5AN2TV0XcovfoCmxziGvfeqIq7io2xgqCYWFF96s%2BUUlKdZHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aabfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.2 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 7bb948eda6bff3626cf856fc2a7c8a41
af2542511ea426e318f953c7dcbc8e380f8001fe
22e8b4cda11b186ebe682a49ddcfd85a90d05318d6743b6b22c21d091741b55d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
travel-guide.club/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
172.67.157.64200 OK 8.4 kB URL HTTP/2 travel-guide.club/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
IP 172.67.157.64:0
Hash fc0a84d6a1ff2a84cf11f0880e3c9f00
afbbc26e1d00bc00a19b60083720f8bd80ddaf6b
189c3fc4c725ee2214fa5c3b5678e23b67de2f729666545758521d9ed2c00528
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 19:25:04 GMT
etag: W/"628e8290-8583"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFjo%2FTLZ2gjbl1%2FpDLhuyGKAXahgXRwefFksK8nEyyJlFq2oLcPXhjL1Rr40woLF%2Bwy9pZ2Mh46JfcbVLYHo%2B4JWgfk318eO%2BOb5oVay%2FFuHPTF4dXnhbqXStugTS95OC83KLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aa6fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 137421
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
travel-guide.club/wp-content/themes/minimalistblogger/style.css?ver=5.5.10
172.67.157.64200 OK 10 kB URL HTTP/2 travel-guide.club/wp-content/themes/minimalistblogger/style.css?ver=5.5.10
IP 172.67.157.64:0
File type ASCII text, with very long lines (993)
Hash fc7104327c0271ddb84a5d8bc09e59cf
91f0cc81c6d91390ddd6c3d2e712fb3c361b684f
4f90893ba598ad22d7d097a0e2f5af64c0c346f820580c3f9e6f3edd18e096af
GET /wp-content/themes/minimalistblogger/style.css?ver=5.5.10 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 10:28:46 GMT
etag: W/"6078155e-a621"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1954955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5llJk7jOqGo51USSOseMllZv%2FAglqXOKAJpBkFyMEJV%2Fy0ChSvSt8t8xlCIGeQ72ujB%2F0zGvkm3kyHAfnoI%2FGcKp0Yu38TjpF%2Fs72P7WOB2gxdNUQVvwvjI%2B3oVZnvQk26LrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd8a90fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://travel-guide.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:17:25 GMT
expires: Wed, 20 Sep 2023 17:17:25 GMT
cache-control: public, max-age=31536000
age: 181825
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travel-guide.club/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
172.67.157.64200 OK 35 kB URL HTTP/2 travel-guide.club/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 172.67.157.64:0
File type ASCII text, with very long lines (31997)
Hash 1e2643b8e3a32f531fe3266a2c1ffb57
b8f2834b7b14857c2ea105cc1520f54e8e6f0625
0c299a6bc91cbeafcf91c0b2608334ae8c71f8016bbafcd7d1e8ce02776c57c9
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Thu, 02 Apr 2020 04:25:01 GMT
etag: W/"5e85691d-17a69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPuHVlpca46gC34%2F6OtQpf%2BgS2mqqcDKGINAaES6%2FMGO31aHgU49Ddlsh%2B1wYzkCcVf0KobAtlT1ro0ko8QPW7nGa6UNa%2BLJc%2Fa5cevhVFLXwaPpM0sX%2BLOM4NvsQsiHzwRMpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aa3fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2aaec9cbe28343d60597d0371f8ed16b
4456dfef025ab6be775cf3fec5afb553dbfe28d7
7e2ae8341c557e5f590cab1a3ba0d1207ad4a039729b7552b48b40dbb6fc53c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
travel-guide.club/wp-content/themes/minimalistblogger/js/script.js?ver=20160720
172.67.157.64200 OK 131 kB URL HTTP/2 travel-guide.club/wp-content/themes/minimalistblogger/js/script.js?ver=20160720
IP 172.67.157.64:0
File type ASCII text, with CRLF line terminators
Size 131 kB (131035 bytes)
Hash c4e9dfabd2fdb88d0e02cf9e20216147
645b20945e3f0006d2ad17c4e720c596e72cd6e9
9b3e35625ec50a2525aadc65fcfc2e6290a343be9063656ee15753c360d39253
GET /wp-content/themes/minimalistblogger/js/script.js?ver=20160720 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 10:28:46 GMT
etag: W/"6078155e-f12"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p073%2F7us9YxLoNCmX1XQbOF7ge7nW%2FNuciDZ6KDZYD%2BhvAmzIRZOu3siy48eoKy2u82OaeUp3yICLl2%2BT8GfLiYPRjx3cNM6mYuiv0JFEk3ChyEe7lJmdfk0q3TRRTL3PzlQYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aaffac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2903)
Hash 7bddebb10c9856dd90d7d6d506cbcb06
8177566dc39429d679f90c9e4ab8969efc869d00
bfecc7fd24f20d40f7cfb8d73f4224e8443b291ffce8d42d3b0b629d7db23ae9
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 22 Sep 2022 19:47:50 GMT
expires: Thu, 22 Sep 2022 19:47:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16172943476332775378
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travel-guide.club/wp-content/themes/minimalistblogger/css/font-awesome.min.css?ver=5.5.10
172.67.157.64200 OK 8.0 kB URL HTTP/2 travel-guide.club/wp-content/themes/minimalistblogger/css/font-awesome.min.css?ver=5.5.10
IP 172.67.157.64:0
File type ASCII text, with very long lines (30837)
Hash 6e144aa60ab5f70c681a772c45974a0e
02c1c8e57ba60a2533e56ceee35307d86d01df20
ab56d5f913b727f3691fef0a4bfb11a68817876b395452875740b2cdb6439ddf
GET /wp-content/themes/minimalistblogger/css/font-awesome.min.css?ver=5.5.10 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 10:28:46 GMT
etag: W/"6078155e-7918"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1954955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y05%2Ffb3Mt8WfdN0rQJPyp5JXDJWYy%2FVStzmf0LTUgxTl3tuWQFqaHVrDKR5yAwXRngUEpwHIKTgLFAaznos5aiGxovOYFutWowuyPFU6YRnx2cMKvNwHdgC%2Bu%2BG9yroRijfX0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd8a8efac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
travel-guide.club/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
172.67.157.64200 OK 20 kB URL HTTP/2 travel-guide.club/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
IP 172.67.157.64:0
File type ASCII text, with CR line terminators
Hash 48e75616447183f3b97b103681b37521
d1a2792f1c2309fe4a9fd7edfcb4db9897f658ea
10f0342a79bd47ceb6d065c70db2e35ccacac866041a7db74bd1d4a6397fdc9c
GET /wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Wed, 25 May 2022 19:25:12 GMT
etag: W/"628e8298-121"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4172487
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZpx9PqD7Y232Zp%2FTVKT1IVm8qfqRuXnex2srJEAhg82ywByZG90N62%2FAO7kpTDnhQr2mfy0m5KhvuR4cYp5rBr4ulSyM1oGg%2F%2FNi1XMuYxY2pTpP1KFmW6PKCxGdeohfC6%2FaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd8a8dfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/tYtmFCF/Useful-Guide-How-To-Help-Your-Skin-The-Korean-Way.jpg
51.210.3.236200 OK 38 kB URL HTTP/2 i.ibb.co/tYtmFCF/Useful-Guide-How-To-Help-Your-Skin-The-Korean-Way.jpg
IP 51.210.3.236:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 750x451, components 3\012- data
Hash 94bb30732eb75b32a9dbd2a27c9d52e8
6e18f309c9bff04b1d26c6079e35962e988ade38
0c33bfabd6a96e1f0a15e94461daebb4a136f9e234290c4fa558991757899e9e
GET /tYtmFCF/Useful-Guide-How-To-Help-Your-Skin-The-Korean-Way.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 19:47:49 GMT
content-type: image/jpeg
content-length: 37929
last-modified: Mon, 12 Sep 2022 15:41:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220919/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 22 Sep 2022 00:13:49 GMT
expires: Thu, 06 Oct 2022 00:13:49 GMT
cache-control: public, max-age=1209600
age: 70441
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.woff?v=4.7.0
192.9.240.77404 Not Found 86 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.woff?v=4.7.0
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10967), with CRLF, LF line terminators
Hash 020e4680a639cd84a62de9e5b185b397
5982ef539c266bbbffd1ac4976b1f5b75ade9603
bcd76ce0826a06258fe7c8f26bda14cfcb4fb0c13de69b066de260f704039c24
GET /wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fontawesome/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
date: Thu, 22 Sep 2022 19:47:49 GMT
pragma: no-cache
x-litespeed-tag: f2f_HTTP.404
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://businessfox.co.uk/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
travel-guide.club/wp-content/themes/minimalistblogger/js/skip-link-focus-fix.js?ver=20170823
172.67.157.64200 OK 844 B URL HTTP/2 travel-guide.club/wp-content/themes/minimalistblogger/js/skip-link-focus-fix.js?ver=20170823
IP 172.67.157.64:0
Hash 01b186c0e88c6bab9656dc76bd8260de
18a5cd8acf138528aefea5f990caceecd434aec0
1a3786ad52e07aded68d2bd46cc504dadccb882d5d03afb610d9a3d83a5f1765
GET /wp-content/themes/minimalistblogger/js/skip-link-focus-fix.js?ver=20170823 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 10:28:46 GMT
etag: W/"6078155e-2ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 656750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aSmIe8pIfLVgdc%2BclUOdsN4MS0tFPzC3XIQKnIU3I7nSnGmjVkEuLqL1G3WXgToRgl5UQgvmdFbGLgkf6GGs2CjS0bBazljTDNkOX4sdU%2B95SdrlhEMMqnMBwlxGtf2syl%2BpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aaefac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51ca5853da6ab1b45b9b9d8425056853
b912e4d1ee63203030fa6efd1a77b5f02f4f86e0
a5dd1386ea0a4adc2678a71557841daec7a91a80330c7cf3dc845963c4addd3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=travel-guide.club
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=travel-guide.club
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=travel-guide.club HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 22 Sep 2022 19:47:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travel-guide.club/wp-content/themes/minimalistblogger/js/jquery.flexslider.js?ver=20150423
172.67.157.64200 OK 12 kB URL HTTP/2 travel-guide.club/wp-content/themes/minimalistblogger/js/jquery.flexslider.js?ver=20150423
IP 172.67.157.64:0
File type ASCII text, with CRLF line terminators
Hash 1a25bf3aba48a63e83d660d123ee8aee
f6120aba07ce576eb074e23d4111051d7252e66c
2546f4162307845961f32d73441003a95639078d1294f4f016c9f03b24ce6b84
GET /wp-content/themes/minimalistblogger/js/jquery.flexslider.js?ver=20150423 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 10:28:46 GMT
etag: W/"6078155e-d566"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jmbyAN7ltjIiGSsIa2bA7dzHB9O%2Bn98Wrqugn8tpZ0GBtRb6TkODjHzz0fF1XZnV%2BksNqvSKUWWRbnjIdsQuGLU8ObdYG1uQTQxMvB3%2BHgrCA7s3nb%2FjYciNqSqlBCWiFFX5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9ab1fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51ca5853da6ab1b45b9b9d8425056853
b912e4d1ee63203030fa6efd1a77b5f02f4f86e0
a5dd1386ea0a4adc2678a71557841daec7a91a80330c7cf3dc845963c4addd3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
travel-guide.club/wp-content/themes/minimalistblogger/js/navigation.js?ver=20170823
172.67.157.64200 OK 51 kB URL HTTP/2 travel-guide.club/wp-content/themes/minimalistblogger/js/navigation.js?ver=20170823
IP 172.67.157.64:0
Hash 604e9bd6fb6dc83342f58e0c5fa692f0
96a78e7a0aaca56b5fffbd1be759e0b52f52105e
bf3fca75578ae377a3309ded92cad7c0729398705ff9e6eeafe4bc6a5434bf87
GET /wp-content/themes/minimalistblogger/js/navigation.js?ver=20170823 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 10:28:46 GMT
etag: W/"6078155e-b97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ8XO80CDRtN%2FXA1k%2BQO2dAw3tb62%2F28zJ7XjcoGkak2UKZNS7l08iwgLoyD%2BA0c0HUxSOl7PKGH%2FS6rD1%2BdGsByEdzzNv%2B3HkgJoDI5ZulvxHrZGSaPA9fL1Fla5P8srh9z1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aacfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
web-security.cloud/handle?eventId=12011282&eventAppId=67&eventTypeId=1&clientId=60253396&clientUuid=354e5e3c-0fe3-4425-a2c1-972623518a2c&l=115
95.217.165.152200 OK 38 B URL HTTP/1.1 web-security.cloud/handle?eventId=12011282&eventAppId=67&eventTypeId=1&clientId=60253396&clientUuid=354e5e3c-0fe3-4425-a2c1-972623518a2c&l=115
IP 95.217.165.152:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash f5ccbae6d60b489ddbe29a4dbdc4ac17
28b03c977a80445084b0b3188ecfb198d057d127
21b4386af1061257ca46ee90808726f154eaa8b432523ccd6e1463380794f23c
GET /handle?eventId=12011282&eventAppId=67&eventTypeId=1&clientId=60253396&clientUuid=354e5e3c-0fe3-4425-a2c1-972623518a2c&l=115 HTTP/1.1
Host: web-security.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 22 Sep 2022 19:47:51 GMT
Access-Control-Allow-Headers: x-ref-url, x-event-receiver
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://businessfox.co.uk
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjVUU1NBdjdyaFF4eGk3K3RTdlRpUVE9PSIsInZhbHVlIjoiN29wMkVyaTZTUnBDVHVYeHlcLzlIaU9kOWk4OWNvOWJ3TDN4OG1EV2V4V20wRVpDZ2duZEwrQVkwNnpWNVF6UHNpWEZCVUMrSVdNUkRobHZSbUFXUWFWanRpTWNmSEU5UTBvcFh6VUNnXC9GZUJpanJtckp3MmlrQVBiREN3N1pYZyIsIm1hYyI6Ijk2ZjUyODAwMjdlYTJmM2U5YTA2YjZhMmJhOTJiYTE4MDYxYjRkYjUxNjRiNTdhODA1OWYzZjNiYTM1YjljMDcifQ%3D%3D; expires=Thu, 22-Sep-2022 21:47:51 GMT; Max-Age=7200; path=/; samesite=lax
pandora_b_session=eyJpdiI6ImFCVnk5d3RHcjF0eW9iTkpPM3d1MkE9PSIsInZhbHVlIjoieEpJTTVYVGt1OWJaNjRYSDYyaTJTMnFHWDFIUzNsQk5oaU1aYmRBWkxKbU8rNmFoWFhPYzRKdkVKb2xOVWRvS3FaMmJ2MTNydDFOd25mVXJEOGdzakRFWHBuTGx1QWgzQ3FFeEF0WHg5WVwvUlQycVJKRyswU3NhTnB3ZGIrcUE5IiwibWFjIjoiNTBiOGZiZGExNWIyMmE0MzQxMTdhYzJhYTM3MDkxYTVlNGIxY2M0NzU2MjI1OTZmZDE1N2M3YjhjZGNjZjc3ZiJ9; expires=Thu, 22-Sep-2022 21:47:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 10ae49480aecaf4bbe48fe413fb884f5
eaf76e35924e7e2465d8d51f81e1a39da508a496
dee36f9aa3d11c1b3d6802fa611adea95ed277212e47f16392cd49f3161e205b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
travel-guide.club/?ts_id=115
172.67.157.64200 OK 18 kB URL HTTP/2 travel-guide.club/?ts_id=115
IP 172.67.157.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2264), with CRLF, LF line terminators
Hash 2bf0631bcd52b66c2887efefd1d2fcae
534e9a86d28283a1df40629982e9f4a06b6598d6
769e41edb579ec96bbe2247887b48f45ff3435f9051e377e99a1b5f131ca04de
GET /?ts_id=115 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:49 GMT
content-type: text/html; charset=UTF-8
link: <https://travel-guide.club/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2B8c5VziWwl70bSG3o60QvXmIuX8cgoYBE8WxLVdzXXO7BOL2r2SphlhUceZLigHIsiwU4oEp58Rxl%2Be7aQl5CiBVCm8LaOdLKWGUedcNUvJNNFV%2B9AfTbKmJObRU9Ngbgn3LA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed8dfb991dfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 11:30:52 GMT
expires: Fri, 22 Sep 2023 11:30:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 29819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:33:04 GMT
expires: Thu, 22 Sep 2022 19:48:04 GMT
cache-control: public, max-age=900
age: 887
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.ttf?v=4.7.0
192.9.240.77404 Not Found 86 kB URL HTTP/1.1 businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.ttf?v=4.7.0
IP 192.9.240.77:0
ASN #31898 ORACLE-BMC-31898
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10967), with CRLF, LF line terminators
Hash 01d18fa24245449b940f4e487fa269ee
085f1547cb6f0b4b0d9ab88f6a5f70595aad4405
e935d881f6f46e6833504d02c93101c2fee47a3a59f4e8f468687d0c5d560204
GET /wp-content/plugins/blog-sidebar-widget/public/css/fonts/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: businessfox.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/wp-content/plugins/blog-sidebar-widget/public/css/fontawesome/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
date: Thu, 22 Sep 2022 19:47:50 GMT
pragma: no-cache
x-litespeed-tag: f2f_HTTP.404
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://businessfox.co.uk/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 19:47:51 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0fc81bb6ee0baccbe4451851c4515cdc
418bc4c04abe2cf45b83f2b58cf4185fb46fe899
e23bb10550331757e6a02c1a754ad18d627992741447053a716be9f147551d84
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 19:47:51 GMT
server: ESF
cache-control: private
content-length: 30878
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/SBzw6wDR40Q/default.webp
216.58.207.214200 OK 1.6 kB URL HTTP/2 i.ytimg.com/vi_webp/SBzw6wDR40Q/default.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e43961382f8318cc5c4016da3b31a97
b12988dea59c733d03bd8e15589a8469a1dc8700
a7d7064a2a795ab3c6b829c7c01a80f0190054ca7f3a0bf46ae1a1a2a98c4c5b
GET /vi_webp/SBzw6wDR40Q/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 1618
date: Thu, 22 Sep 2022 19:47:51 GMT
expires: Thu, 22 Sep 2022 21:47:51 GMT
cache-control: public, max-age=7200
etag: "1606256350"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 09a7b0e5b84c483fa9df81e325092d4b
e57713307a2c18a615e3b5e9e21e83b249ecaa46
49478b42b349d714a37ed968b88193ac5269b4bb6dbdd73073bef8fe2092ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/L9p5C1DxCnZgj3B7nbPA-hxHU9-raoFkwZraN6jHlAPLIXIU9kE3R4YqXltKG1Ps7yahvEeR5Vc=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.0 kB URL HTTP/2 yt3.ggpht.com/L9p5C1DxCnZgj3B7nbPA-hxHU9-raoFkwZraN6jHlAPLIXIU9kE3R4YqXltKG1Ps7yahvEeR5Vc=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash c3ce345cf408a9a098a40447519f8da5
6b8cef6723b3371c1d64fbb86a017c0ca644525e
b7d69bf8866b1c97ce57b8b0d531e7a9ceda12c9a1df73077693f5d134ff04d8
GET /L9p5C1DxCnZgj3B7nbPA-hxHU9-raoFkwZraN6jHlAPLIXIU9kE3R4YqXltKG1Ps7yahvEeR5Vc=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2027
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:40:23 GMT
expires: Wed, 15 Jun 2022 07:12:43 GMT
cache-control: public, max-age=86400, no-transform
age: 448
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 19:47:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 87867f1add08e5c81cc42a144242fa2c
e557de9b51a95b8b7fd58ae620046e7234166739
0c8000a0c65e9e140105ea71dc6057a75832ae2cbb8ea238dcfe9ba1a8307924
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1150
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 19:47:52 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travel-guide.club/budapest-through-the-eyes-of-a-local-resident/
172.67.157.64200 OK 18 kB URL HTTP/2 travel-guide.club/budapest-through-the-eyes-of-a-local-resident/
IP 172.67.157.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2264), with CRLF, LF line terminators
Hash 1d69bee1536d24134c26c152834b7f91
741a1345d1d6bf2576a6049c01264cb974ac6a88
dbecc84ba85fdc2063fc30ea1f585cdd3ce54293373b557fdc4fc614d08eaa33
GET /budapest-through-the-eyes-of-a-local-resident/ HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:54 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://travel-guide.club/xmlrpc.php
set-cookie: pvc_visits[0]=1663962474b579; expires=Fri, 23-Sep-2022 19:47:54 GMT; Max-Age=86400; path=/; secure; HttpOnly
link: <https://travel-guide.club/wp-json/>; rel="https://api.w.org/", <https://travel-guide.club/wp-json/wp/v2/posts/579>; rel="alternate"; type="application/json", <https://travel-guide.club/?p=579>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKrtX6DmfcCbXa3GmW1BmjQFowcOJV3c4DoWY8HdjB5BbXTCwjpG%2BpMjfbNUPUgUzOidVOffjG7eD4Qrv9gxCRarjrXsN4MHGkNKDc%2FPbZbtEi42hjLzXeg8ee3eODi%2Bs%2B1lmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed8e19ef83fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
travel-guide.club/wp-content/uploads/2019/11/budapesht-glazami-mestnogo-zhitelya-8.jpg
172.67.157.64200 OK 129 kB URL HTTP/2 travel-guide.club/wp-content/uploads/2019/11/budapesht-glazami-mestnogo-zhitelya-8.jpg
IP 172.67.157.64:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x640, components 3\012- data
Size 129 kB (128726 bytes)
Hash 84be38567466d1ad90e162b57cc2dc59
2eb74c308fda0cc006bf603ae52d304dfe266913
16f054fe0973f20266018771bdee0e49766254953c9645455b671d0cc0122619
GET /wp-content/uploads/2019/11/budapesht-glazami-mestnogo-zhitelya-8.jpg HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/budapest-through-the-eyes-of-a-local-resident/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:54 GMT
content-type: image/jpeg
content-length: 128726
last-modified: Thu, 02 Apr 2020 04:25:00 GMT
etag: "5e85691c-1f6d6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4089910
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBy0VSID9s94biifSE9WdIdbqesmamGF0RSiEWKhj0j%2Bd8Bt%2FI9PdA44bKe0hooyYnEV7Tbjmdm1Aqg9I8AbMd78GM4P0c%2BSqBYWxdLHgWQJwRSI1AhgbL5VQJ%2BtUnH5RRBurw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8e1be943fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://businessfox.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 87409
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travel-guide.club/wp-content/plugins/cookie-law-info/admin/modules/ccpa/assets/js/cookie-law-info-ccpa.js?ver=2.1.2
172.67.157.64200 OK 0 B URL HTTP/2 travel-guide.club/wp-content/plugins/cookie-law-info/admin/modules/ccpa/assets/js/cookie-law-info-ccpa.js?ver=2.1.2
IP 172.67.157.64:0
GET /wp-content/plugins/cookie-law-info/admin/modules/ccpa/assets/js/cookie-law-info-ccpa.js?ver=2.1.2 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 19:25:04 GMT
etag: W/"628e8290-1ca0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdvLRQkjgEvdO4knItcp2cGpzHKLBmMic7W1atGDsyXPF9KmOo5lwq2C%2BQIDEOvOEudPib%2BVckMLlFDYzqgu9Vp0a40o6%2F66HR2%2F0wWZ0SQbgii4mjElwiVd6NjaTaLJpA8FFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9aa7fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CSource+Sans+Pro%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COleo+Script%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CQuestrial%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7C&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CSource+Sans+Pro%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COleo+Script%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CQuestrial%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7C&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Poppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CSource+Sans+Pro%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COleo+Script%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CQuestrial%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7C&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://businessfox.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 19:47:47 GMT
date: Thu, 22 Sep 2022 19:47:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travel-guide.club/wp-includes/js/wp-embed.min.js?ver=5.5.10
172.67.157.64200 OK 0 B URL HTTP/2 travel-guide.club/wp-includes/js/wp-embed.min.js?ver=5.5.10
IP 172.67.157.64:0
GET /wp-includes/js/wp-embed.min.js?ver=5.5.10 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 21:33:59 GMT
etag: W/"6078b147-592"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1954955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gb%2FD2EWhS6weCeay30I%2BdrKYOQdWZjiM%2Bbl6wYTTcgSZA9TltIr3MOhR4IT4hlEb1qR%2FU%2FMefdEk1BPpK0xlgBhMrz4uw1eGxhHOjK%2FGRxbsi28ZYTmynbdQOTlVHxLL49hL7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd9ab3fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
travel-guide.club/wp-includes/css/dist/block-library/style.min.css?ver=5.5.10
172.67.157.64200 OK 0 B URL HTTP/2 travel-guide.club/wp-includes/css/dist/block-library/style.min.css?ver=5.5.10
IP 172.67.157.64:0
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.10 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Thu, 26 Nov 2020 22:44:30 GMT
etag: W/"5fc02fce-d293"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1954954
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5PjWF2vsdzFHe%2BxJeP4qDbp%2FoJE0X38q7NoUR1yA6rco6xlhwzU8xCFcODOZ%2ByOtIvt1YFMZ11rnPm7aSoNRhe5CVnPZzv7FJajCDtwXOH%2B%2Bc%2FlpXbleK%2FIiYHcI0JHTT6bGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd7a7cfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
travel-guide.club/wp-includes/css/dashicons.min.css?ver=5.5.10
172.67.157.64200 OK 0 B URL HTTP/2 travel-guide.club/wp-includes/css/dashicons.min.css?ver=5.5.10
IP 172.67.157.64:0
GET /wp-includes/css/dashicons.min.css?ver=5.5.10 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 21:33:59 GMT
etag: W/"6078b147-e687"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1954955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lImNHnrwdUkJfmj%2FCKEnNzEIULPi1dpheAdDOZYEQfQ3CB5BMEBfyiuAttH7p1sAlu09SaOXsC8QluI08xanTGeQCzWnt1g8UViPt9xl0yFeBVXs4g3chLoqlU1Q5qtybbiNkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd7a87fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
travel-guide.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
172.67.157.64200 OK 0 B URL HTTP/2 travel-guide.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
IP 172.67.157.64:0
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Wed, 25 May 2022 19:25:04 GMT
etag: W/"628e8290-c22"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csjGSDCc0yySK%2BP5DDXlQEsdybMC53kIhSDrOaEW%2B0Xuu45G3BQCEz3F6Lp%2FJxGa1uLVvO8fzNTJMlqvxxq5gFZG0p5X6ghoc65M3pwgqfOpn0znZ%2BNNXy0arqVwc%2F9GJvBldw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd7a81fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
travel-guide.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
172.67.157.64200 OK 0 B URL HTTP/2 travel-guide.club/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
IP 172.67.157.64:0
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2 HTTP/1.1
Host: travel-guide.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travel-guide.club/?ts_id=115
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:47:50 GMT
content-type: text/css
last-modified: Wed, 25 May 2022 19:25:04 GMT
etag: W/"628e8290-6a71"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 4348115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faK2yW2QqkdNxPQEItZtJtGutEtnEAIlapk6U5NtuF3z%2BmOhfTTD4RAF%2BQBLI%2BYW8cseQnBQSBBAj%2B2mTAbOcK1pr6eSuK7qcBHUl6cRsh9DAeUgibTg280g5CuusUo9cLEONw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed8dfd7a86fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2