bonfirebread.com.au/
198.71.233.36301 Moved Permanently 195 B IP 198.71.233.36:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 609d8157cc4cb5dac76f03dc7d021529
f77822e62542d493ea7c21aa034d11bffe3ee728
45e85985bd1a9a6bd36b18040cf23a919e025905c18d334a7ef3694d64b4b48a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Age: 9979
Content-Encoding: gzip
Content-Length: 195
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 19 Sep 2022 08:54:19 GMT
Location: https://bonfirebread.com.au/
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 11:12:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 84RBx3oae2_7bbNBlkL9SMxFD2qE2iku-vt4OEyLt1v0TgeZ6oYZ8A==
Age: 1679
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17525
Expires: Mon, 19 Sep 2022 16:32:44 GMT
Date: Mon, 19 Sep 2022 11:40:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8XVhuscBKBBZb1LL_0A1hYn1XdS6vGAf3gRVqKQf0-QOuRS8ZFL88Q==
age: 25526
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 11:40:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 68548773bab6d9180c02afa1d8867472
7ec0f6881b3210b57ab31be19b3e9831c8a66e14
810fdd4f75cb6b36bda7f6899d2cb2d8737c2a4e1fbcee4e0230fbac21a54200
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 19 Sep 2022 11:40:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 18 Sep 2022 22:59:39 GMT
Expires: Mon, 19 Sep 2022 22:59:39 GMT
ETag: "7ec0f6881b3210b57ab31be19b3e9831c8a66e14"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
bonfirebread.com.au/
198.71.233.156200 OK 9.3 kB IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash d6ef977718512253ad869cfadf62b81e
f94e118ec65880eb2e0552f180458d6c19f49e4b
3cabe39078cd2bfac30a126150611cd668569d94c21b8c97e4900de26e49d0be
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/html; charset=UTF-8
content-length: 9285
accept-ranges: bytes
age: 9979
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 11:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 11:20:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CM12D44r_DvatT7aYVFwQQYN_N-6WFDZ0TLBKJ9N0HDBoGEB9P9_Ew==
Age: 2238
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5539
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 11:40:40 GMT
Last-Modified: Mon, 19 Sep 2022 10:08:21 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css?ver=5.1.3
151.101.85.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css?ver=5.1.3
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash 57a992194d8a5b4bbd4ade561fd348bb
bb66f00fe168c6df50af51abdededdfceb15c59f
be95ec6ab71f5fa87401a698cb9566490258fa9012bb0e8467920b0f74163a0a
GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css?ver=5.1.3 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 19 Sep 2022 11:40:40 GMT
age: 12389796
x-served-by: cache-fra19136-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js?ver=5.1.3
151.101.85.229200 OK 16 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js?ver=5.1.3
IP 151.101.85.229:0
File type ASCII text, with very long lines (58940)
Hash 91c21574e43063d0417cf89a625f5cc8
c4f08091738869a949c33566f06ae72a34bf5e50
cf0cae076ca89b7a8b14200227016f507749c915e5bee173717eba8268318cbb
GET /npm/bootstrap@5.1.3/dist/js/bootstrap.min.js?ver=5.1.3 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"e753-GQgMO4F5hTNqq14c5pJcmYA/Lv0"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 19 Sep 2022 11:40:40 GMT
age: 10759219
x-served-by: cache-fra19180-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16337
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3
198.71.233.156200 OK 1.3 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4933), with no line terminators
Hash d2d7f4c273d3b4cd972a337969b14754
b441775d1dcba61a5234df0256a40c7f58a8b059
fcfdbdf2a45072bbb545934d419cf76e5272d3193742eb8b659e938cafab4cdf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 1286
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:48 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash d068763047214880544c4fe40b327376
254a8588a004478d5bd707352a38ae839e5f5e10
41ab3779b53bfcadd66aa71edca6ec70d6e3d76568e85995789fc088fe0968b2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 11:40:40 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2BC1C3F05D4FA601071C69BEDAA14068EF0556FE"
Expires: Mon, 19 Sep 2022 22:00:00 GMT
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3515
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d20c411cd1b51b-OSL
bonfirebread.com.au/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3
198.71.233.156200 OK 22 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash d1c79b3d421c348277ebe3df2678e919
4a4eea8629662b1556e1b7cf793a33b83a98c709
4895dd35591c52a1392ad0e29652a0b01a96ffac7d010d3a672b1ae60b3aaf08
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 22458
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:48 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
198.71.233.156200 OK 12 kB URL HTTP/2 bonfirebread.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 11681
accept-ranges: bytes
age: 191479
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Sep 2022 15:17:23 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
198.71.233.156200 OK 972 B URL HTTP/2 bonfirebread.com.au/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 972
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:38:34 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0
198.71.233.156200 OK 2.6 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (17809), with no line terminators
Hash d45c9e0b4109fd68bc2eaae40d01f61a
f0fd80fcb3e8b7a9d95782d0f0c79ddc19b2fa96
072aa95bd2ad493914030593b84c611b2dfcc39444f726ddab52751f4b4bf926
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 2554
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0
198.71.233.156200 OK 8.9 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 6c8772ecf168559902155fb7bbbb6ff5
437a2c6b53493b57f4dd490368c53070c903be85
afcaf780edbf3bc69ee80db3e8b9420cc1c7a458b270bf7df979f53a21136288
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 8895
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/style.css?ver=1.0.0
198.71.233.156200 OK 1.0 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/style.css?ver=1.0.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash bcdcc8d3c0b6ab3f08ca2b670916087f
a2da13af921b7d29f7f3869ba5890e167d5c1999
df9d5de4bce15b0d5e7bbf3e390fb7e498065e78aed82f5ab2de4f81cb9b6074
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/style.css?ver=1.0.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 1021
accept-ranges: bytes
age: 191479
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Aug 2022 12:49:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/stylesheet.css?ver=1.0.0
198.71.233.156200 OK 136 B URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/stylesheet.css?ver=1.0.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 74c2a26f109ac421fe61bbc6320423c0
99ede671562868ea2d44aa052cf17dab0334f1a5
24029c7dadbae577236e94d3981aef193695ab0c7465dca6578e53fbe7257cd1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/fonts/stylesheet.css?ver=1.0.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 136
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Jul 2022 09:06:00 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/style.css?ver=1.0.0
198.71.233.156200 OK 3.6 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/style.css?ver=1.0.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (438), with CRLF line terminators
Hash 23b8fbd22fd9226d63f405df4d346345
3b24f675b8cc4b7396ff666bb58583f0e1ecb7d0
968265169d8b7c5530445fdfa456a7479855e159223db77b7c763b4907d21e0e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/css/style.css?ver=1.0.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 3625
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 17 Aug 2022 09:24:00 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/app.css?ver=1.0.0
198.71.233.156200 OK 713 B URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/app.css?ver=1.0.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 1bf8817a1543056113a5d3eb945c6ed4
f29326de8279399f7c68abc39046128ce3f0060e
6d12bed886d7f770e4916b2d1312b1c09b3edacc737ba2605bb0e3c448ce4446
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/css/app.css?ver=1.0.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 713
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Aug 2022 06:25:12 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/js/custume.js?ver=1.0.0
198.71.233.156200 OK 200 B URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/js/custume.js?ver=1.0.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash f4a1dadff4bdbf8a98f65d950ab277f3
0fd86ce932d6aa53053b944e628d6079cce5ca46
e650b63a8b58e7a613a32125ab29fe2893e46d6c80657e38f81ee6cbd6f53342
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/js/custume.js?ver=1.0.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 200
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Aug 2022 12:31:51 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.71.233.156200 OK 4.2 kB URL HTTP/2 bonfirebread.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 4169
accept-ranges: bytes
age: 191479
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Sep 2022 15:17:24 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/media.css?ver=1.0.0
198.71.233.156200 OK 2.6 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/media.css?ver=1.0.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 1db665db69c6b97642f8b36419c41c3e
375d71e741b8ef391b69210c7a28c1bba00ad023
be01d5c160377274f5169c2bc7d819e728ef27f6ec2486c0c6123db83eeed805
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/css/media.css?ver=1.0.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 2551
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Aug 2022 05:22:16 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
198.71.233.156200 OK 31 kB URL HTTP/2 bonfirebread.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 30908
accept-ranges: bytes
age: 191479
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Sep 2022 15:17:24 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/cropped-Bitmap-3.png
198.71.233.156200 OK 17 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/cropped-Bitmap-3.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 318 x 235, 8-bit/color RGBA, non-interlaced\012- data
Hash 7bfd03d834df9e6dec2f39a810455cbc
0cf0c97b713a18468c7cb9f4ab679766a094269a
3b8581cf0f7c9e2e8165ca9e05ddbd6f930df8cc0ad7615a0ef1d829d9b0798c
GET /wp-content/uploads/2022/08/cropped-Bitmap-3.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/png
content-length: 16877
accept-ranges: bytes
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "41ed-5e52af813fd40"
last-modified: Mon, 01 Aug 2022 09:53:17 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
198.71.233.156200 OK 982 B URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 982
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
198.71.233.156200 OK 794 B URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 794
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
198.71.233.156200 OK 1.1 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash f46e666160800ab91bb12cccc7555662
63b98922823c1f54ed1a96e1dcd0c227e3e51419
f5cc9892eb6b336791126838b53edfe9dc4b12b99aae085cadf52d8e734f5c68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 1086
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
198.71.233.156200 OK 7.1 kB URL HTTP/2 bonfirebread.com.au/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 7095
accept-ranges: bytes
age: 191479
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Sep 2022 15:17:24 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/youtube.svg
198.71.233.156200 OK 986 B URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/youtube.svg
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (986), with no line terminators
Hash 6d174d6aca3eccee667f85740702f9f6
15e516c27f801e98e08df4437be76cc7256edbf2
7b4e58b31892bd94bf91fef683a8cea8f60026558cb74bb4390aac83c0ceee82
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/youtube.svg HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/svg+xml
content-length: 986
accept-ranges: bytes
access-control-allow-origin: *
age: 65909
content-security-policy: upgrade-insecure-requests
etag: "3da-5e52b48e6e840"
last-modified: Mon, 01 Aug 2022 10:15:53 GMT
strict-transport-security: max-age=300
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.175.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I6hmEa/6BJlCVvzP0BA8uw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zmKQ+d7sLcAPU6xcie2gN4Iwz9Q=
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
198.71.233.156200 OK 3.5 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (9139)
Hash d6c87c7221011e280d3bb60eb9c598e4
93aa9b7f17b91719689519d4439c10d884063296
0acd2e4b6cc50829b1fb1e12b55ed2b72b201631e908a80171d39ef4a9570724
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 3493
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/Grain-SD.jpg
198.71.233.156200 OK 54 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/Grain-SD.jpg
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 340x340, components 3\012- data
Hash bee60b900d2ecbb8dd6176aed6e474d4
3222432ab3d6a0963d3627be73161de79084cbd3
b1b7a872650a3adbbd6ac10104e53945d09035b1691edc5fe91a0a9945bfa0ba
GET /wp-content/uploads/2022/08/Grain-SD.jpg HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/jpeg
content-length: 54478
accept-ranges: bytes
age: 191479
content-security-policy: upgrade-insecure-requests
etag: "d4ce-5e77633467131"
last-modified: Tue, 30 Aug 2022 14:28:55 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/js/navigation.js?ver=1.0.0
198.71.233.156200 OK 1.0 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/js/navigation.js?ver=1.0.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash cb5adff64bb85b7f1db7168c218685a0
660af66623ba284e3e2523edcccbf21f3e8e8427
7b5ee2a4e978939f9b63c9ce187bd7a5ca926ccdee5d76518effd3648cc0e75c
GET /wp-content/themes/bornfirebread/js/navigation.js?ver=1.0.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 1049
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 03:31:28 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
198.71.233.156200 OK 6.6 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (21904), with no line terminators
Hash 84b522e453de98f4c752212b565dc5ff
3cefbfd41d84908870c0467fb449ff8917fc63bd
7c4a8a4e66df5634e99f175ddad90146b5486b3d7d7fa120bdf9fafe0203c02b
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 6559
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:38:34 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
198.71.233.156200 OK 1.0 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 1039
accept-ranges: bytes
age: 189274
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
198.71.233.156200 OK 5.0 kB URL HTTP/2 bonfirebread.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 5009
accept-ranges: bytes
age: 191505
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Sep 2022 15:17:24 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
198.71.233.156200 OK 2.5 kB URL HTTP/2 bonfirebread.com.au/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: application/javascript
content-length: 2457
accept-ranges: bytes
age: 191479
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 12 Sep 2022 15:17:24 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 11:40:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bonfirebread.com.au/wp-content/uploads/2022/08/ACO-BB-Cropped-1.png
198.71.233.156200 OK 21 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/ACO-BB-Cropped-1.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 213 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f8446507059647f9bc86c6d80adcaa1
e1995b5295bcf368fda3b96d8e0aa91ebd5ee9b5
bf72463e7fcf050c87e6a7acac15cb9dac97fcb97c85f4f4e1538e47cf39a1b0
GET /wp-content/uploads/2022/08/ACO-BB-Cropped-1.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/png
content-length: 21271
accept-ranges: bytes
age: 191479
content-security-policy: upgrade-insecure-requests
etag: "5317-5e78598734340"
last-modified: Wed, 31 Aug 2022 08:50:57 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/facebook.svg
198.71.233.156200 OK 580 B URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/facebook.svg
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (580), with no line terminators
Hash 50ec0025289265ea42c1c711877d56d3
3264fcd9886757a5a0f1325bf816c77e33254f31
51bbd7ca1619957668e4b465a3e59e27f861651db104afd20bb1b4c81cbb743b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/facebook.svg HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/svg+xml
content-length: 580
accept-ranges: bytes
access-control-allow-origin: *
age: 65909
content-security-policy: upgrade-insecure-requests
etag: "244-5e52b4a08d300"
last-modified: Mon, 01 Aug 2022 10:16:12 GMT
strict-transport-security: max-age=300
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/instagram.svg
198.71.233.156200 OK 1.1 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/instagram.svg
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1090), with no line terminators
Hash 958435b330081ef9160cd74a65411faa
331a851e79b1c15bd2e31ecb2986bd03a4233603
dc9574e765730096b5b6c4d77950975d23316fd5b983de3af48e9bacb3a37763
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/instagram.svg HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/svg+xml
content-length: 1090
accept-ranges: bytes
access-control-allow-origin: *
age: 65908
content-security-policy: upgrade-insecure-requests
etag: "442-5e52b4ce53f00"
last-modified: Mon, 01 Aug 2022 10:17:00 GMT
strict-transport-security: max-age=300
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/Location.svg
198.71.233.156200 OK 1.5 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/Location.svg
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (376)
Hash 97d03a172bfbef70d01bf58d475ff1b3
4cee3457c94eb340884c2518d54f36227bafd5df
36426219ea517a231d968a2c7542e903c18100d374710e0708f55040563e6c9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/Location.svg HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/svg+xml
content-length: 1477
accept-ranges: bytes
access-control-allow-origin: *
age: 65909
content-security-policy: upgrade-insecure-requests
etag: "5c5-5e52ca13cee80"
last-modified: Mon, 01 Aug 2022 11:52:10 GMT
strict-transport-security: max-age=300
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0
198.71.233.156200 OK 1.2 kB URL HTTP/2 bonfirebread.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7043), with no line terminators
Hash 7a01d757cd8aced5af866e83a6d0ce76
f352b0e25c2a3ca7af84f93c9bc1fd700db3586f
da5327f259e09fafac875160fbcd3fe934f48359e751e42b802f5577310b014c
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: text/css
content-length: 1177
accept-ranges: bytes
age: 183648
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 01 Aug 2022 12:45:36 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/grain.jpg
198.71.233.156200 OK 179 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/grain.jpg
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 671x684, components 3\012- data
Size 179 kB (179399 bytes)
Hash db1b8c9f80b7f926134d5a2b4f76a82a
e495269cc404e35fdb5d4bc13e25213f25b2ffc2
382cc03b924ed3b2397d50d2ac71331666774d595687f54d09174ce5f0e81946
GET /wp-content/uploads/2022/08/grain.jpg HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/jpeg
content-length: 179399
accept-ranges: bytes
age: 191479
content-security-policy: upgrade-insecure-requests
etag: "2bcc7-5e6f108abe58a"
last-modified: Tue, 23 Aug 2022 23:36:30 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/Image.png
198.71.233.156200 OK 696 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/Image.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 776 x 489, 8-bit/color RGBA, non-interlaced\012- data
Size 696 kB (696467 bytes)
Hash c73c7ccb46c06415d3c17e0b5cc43e0b
42e6ab302a30dd00ebe22ccd181ece6aa851ebae
517683f0cb8f6421fc175fce333bddb6cfd4c815bda35585da89949c2ab411a5
GET /wp-content/uploads/2022/08/Image.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/png
content-length: 696467
accept-ranges: bytes
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "aa093-5e5dc23c174c0"
last-modified: Wed, 10 Aug 2022 05:15:39 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/White-SD-w-silver.png
198.71.233.156200 OK 576 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/White-SD-w-silver.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 543 x 544, 8-bit/color RGBA, non-interlaced\012- data
Size 576 kB (575880 bytes)
Hash 36e66b7b845927bc206ab9240facc5b0
62199a36fa5267c11c830143be5684a0586ae2b2
ca4a0c823df2c3a596db95014c829b823cdde401dcf75d96d2ec6d02016d0b7c
GET /wp-content/uploads/2022/08/White-SD-w-silver.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/png
content-length: 575880
accept-ranges: bytes
age: 191479
content-security-policy: upgrade-insecure-requests
etag: "8c988-5e77653064dd7"
last-modified: Tue, 30 Aug 2022 14:37:48 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6092.039579343885!2d151.3203260879266!3d-33.63880716229806!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x6b72acd48ed1b81d%3A0x13cfc1ff8b4e1cf7!2s68%20Old%20Barrenjoey%20Rd%2C%20Avalon%20Beach%20NSW%202107%2C%20Australia!5e0!3m2!1sen!2sin!4v1659356886375!5m2!1sen!2sin
142.250.74.164200 OK 974 B URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6092.039579343885!2d151.3203260879266!3d-33.63880716229806!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x6b72acd48ed1b81d%3A0x13cfc1ff8b4e1cf7!2s68%20Old%20Barrenjoey%20Rd%2C%20Avalon%20Beach%20NSW%202107%2C%20Australia!5e0!3m2!1sen!2sin!4v1659356886375!5m2!1sen!2sin
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1743)
Hash 90efca275a091460a8642cf5bb922931
37225bd02b2c264d3af456639bcec0b464f51983
cbba8f436ba5899229e37b6e392de35e940e4d5de973aa8d94d0d0658406cb6d
GET /maps/embed?pb=!1m18!1m12!1m3!1d6092.039579343885!2d151.3203260879266!3d-33.63880716229806!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x6b72acd48ed1b81d%3A0x13cfc1ff8b4e1cf7!2s68%20Old%20Barrenjoey%20Rd%2C%20Avalon%20Beach%20NSW%202107%2C%20Australia!5e0!3m2!1sen!2sin!4v1659356886375!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 11:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-a7ifi3dPqfinsDIY7mHd4Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 974
x-xss-protection: 0
server-timing: gfet4t7; dur=193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 11:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bonfirebread.com.au/wp-content/uploads/2022/08/Wholewheat-SD.jpg
198.71.233.156200 OK 386 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/Wholewheat-SD.jpg
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 1039x1039, components 3\012- data
Size 386 kB (385660 bytes)
Hash bafc28919d52b6b611133db0a8d86993
2ef22f076cf35638ee1d6fa92d5cf86ec738beab
0a22ce2c903c084fd5c20eba30823c829cb0d6990d7d09b9b042123fa1b4a1db
GET /wp-content/uploads/2022/08/Wholewheat-SD.jpg HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/jpeg
content-length: 385660
accept-ranges: bytes
age: 191479
content-security-policy: upgrade-insecure-requests
etag: "5e27c-5e7760a8b702e"
last-modified: Tue, 30 Aug 2022 14:17:32 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/lato-v23-latin-700.woff2
198.71.233.156200 OK 23 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/lato-v23-latin-700.woff2
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/fonts/lato-v23-latin-700.woff2 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/style.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: font/woff2
content-length: 23040
accept-ranges: bytes
access-control-allow-origin: *
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "5a00-5e4d88f316080"
last-modified: Thu, 28 Jul 2022 07:34:10 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/lato-v23-latin-regular.woff2
198.71.233.156200 OK 24 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/lato-v23-latin-regular.woff2
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/fonts/lato-v23-latin-regular.woff2 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/style.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: font/woff2
content-length: 23580
accept-ranges: bytes
access-control-allow-origin: *
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "5c1c-5e4d88f316080"
last-modified: Thu, 28 Jul 2022 07:34:10 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/bg1.png
198.71.233.156200 OK 653 kB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/bg1.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1421 x 463, 8-bit/color RGBA, non-interlaced\012- data
Size 653 kB (652844 bytes)
Hash 351308672b0d3a1f070361a775ab6724
a188bf6a1f0c62892263004dbe8d6d052e7d046f
051ceadd9f0eef4ce0feeefbb8f55f04cfa41bbd66b41fef894c08107cc644af
GET /wp-content/uploads/2022/08/bg1.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/png
content-length: 652844
accept-ranges: bytes
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "9f62c-5e52bfd904c00"
last-modified: Mon, 01 Aug 2022 11:06:24 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/Sylfaen.woff2
198.71.233.156200 OK 112 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/Sylfaen.woff2
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 112524, version 1.0\012- data
Size 112 kB (112524 bytes)
Hash 393e175101adee65f45dd2d5070f2c19
075ddc2b6edcf4d47f6fd0610deda1fb9b0b7e54
a876efdbcc18bf038d8b60bd04a280cdda0ec2b4b74f35684bda8c553d64c708
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/fonts/Sylfaen.woff2 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/stylesheet.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: font/woff2
content-length: 112524
accept-ranges: bytes
access-control-allow-origin: *
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "1b78c-5e4d9d79d4e00"
last-modified: Thu, 28 Jul 2022 09:06:00 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/Lato-Light_1.woff2
198.71.233.156200 OK 223 kB URL HTTP/2 bonfirebread.com.au/wp-content/themes/bornfirebread/assets/fonts/Lato-Light_1.woff2
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 223356, version 1.0\012- data
Size 223 kB (223356 bytes)
Hash 2635270faa1351e3f8237abbec102e65
0bdcdad21eb78d45dc7eb61b9ca91b3b4763daf9
6fc28d96282a4974e9d2bfb26b6d915cdfd9e5dda3c2ddddbdb2707e4cb3c420
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bornfirebread/assets/fonts/Lato-Light_1.woff2 HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bonfirebread.com.au/wp-content/themes/bornfirebread/assets/css/style.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: font/woff2
content-length: 223356
accept-ranges: bytes
access-control-allow-origin: *
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "3687c-5e5b6ddb52c80"
last-modified: Mon, 08 Aug 2022 08:47:30 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 11:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en®ion=in&callback=onApiLoad
142.250.74.42200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en®ion=in&callback=onApiLoad
IP 142.250.74.42:0
File type ASCII text, with very long lines (2578)
Hash c022a573bbf51e0a0fd3e7b18ff2a784
f36a47a40ca28afd1d4af0c33de48ec55d5aec3e
911a8ce5261e7eb49d22eabcd5f38b59c0714c037b2a501785727963a9994adc
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en®ion=in&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56935
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
date: Mon, 19 Sep 2022 11:21:44 GMT
expires: Mon, 19 Sep 2022 11:51:44 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 11:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bonfirebread.com.au/wp-content/uploads/2022/08/Bitmap-2.png
198.71.233.156200 OK 2.9 MB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/Bitmap-2.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1920 x 1203, 8-bit/color RGBA, non-interlaced\012- data
Size 2.9 MB (2899299 bytes)
Hash 2725e01caeba731dbe17aa2f5858b944
8bd19aeaf33f2fd9a06bcf876fa62e48e6d4cf1b
c3e575dd808b0ceb546860375e344078717c6bcbaaddaf7523fc04fb9702a57a
GET /wp-content/uploads/2022/08/Bitmap-2.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/png
content-length: 2899299
accept-ranges: bytes
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "2c3d63-5e52b995e45c0"
last-modified: Mon, 01 Aug 2022 10:38:23 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 11:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/50/5/init_embed.js
142.250.74.163200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/5/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash 0fc3152fed6efc465b1800d74c5e6e03
d1c179356bb78058c9f3a915b9d0860cee8f0d18
3126304f64d7b4a45e7c7c2db4393290ac9e659411d493607f56c51370422f35
GET /maps-api-v3/embed/js/50/5/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 70418
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 17:14:08 GMT
expires: Thu, 14 Sep 2023 17:14:08 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 20:19:12 GMT
content-type: text/javascript
age: 411993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-content/uploads/2022/08/about_img.png
198.71.233.156200 OK 3.8 MB URL HTTP/2 bonfirebread.com.au/wp-content/uploads/2022/08/about_img.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1920 x 2312, 8-bit/color RGBA, non-interlaced\012- data
Size 3.8 MB (3818623 bytes)
Hash 075e66ae306f7388143ebf0e638bded0
38cefdffca1fcbca22ec94c34930502abd26b9f4
553020c008faf31a5e3402179d68dffea09d780490ea7132895e1edf800375d0
GET /wp-content/uploads/2022/08/about_img.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:40 GMT
content-type: image/png
content-length: 3818623
accept-ranges: bytes
age: 183648
content-security-policy: upgrade-insecure-requests
etag: "3a447f-5e52c4e16ebc0"
last-modified: Mon, 01 Aug 2022 11:28:55 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-json/contact-form-7/v1/contact-forms/89/feedback/schema
198.71.233.156200 OK 222 B URL HTTP/2 bonfirebread.com.au/wp-json/contact-form-7/v1/contact-forms/89/feedback/schema
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 4e6fd6fb057a8dbcb80eb3aa83a10034
44bca90a043d658e1c20dc4d900b9d387cbd900f
49598ead86884dc7633f4a835d020353920b2064ee2bc9ba8ade68d0ce0ae667
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/89/feedback/schema HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bonfirebread.com.au/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:41 GMT
content-type: application/json; charset=UTF-8
content-length: 222
accept-ranges: bytes
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
age: 0
allow: GET
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=300
vary: Origin, User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-fawn-proc-count: 1,1,24
x-php-version: 7.4
x-robots-tag: noindex
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/?wc-ajax=get_refreshed_fragments
198.71.233.156200 OK 210 B URL HTTP/2 bonfirebread.com.au/?wc-ajax=get_refreshed_fragments
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c97a46508dc677362be2a79fd34feea
bce89aaf991907a16c951cc6a9a8121045374e22
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://bonfirebread.com.au
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:41 GMT
content-type: application/json; charset=UTF-8
content-length: 210
access-control-allow-credentials: true
access-control-allow-origin: https://bonfirebread.com.au
cache-control: no-cache, must-revalidate, max-age=0
content-security-policy: upgrade-insecure-requests
expires: Wed, 11 Jan 1984 05:00:00 GMT
strict-transport-security: max-age=300
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-fawn-proc-count: 2,0,24
x-php-version: 7.4
x-robots-tag: noindex
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 11:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bonfirebread.com.au/favicon.ico
198.71.233.156302 Found 0 B URL HTTP/2 bonfirebread.com.au/favicon.ico
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bonfirebread.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 19 Sep 2022 11:40:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
age: 21841
content-security-policy: upgrade-insecure-requests
location: https://bonfirebread.com.au/wp-includes/images/w-logo-blue-white-bg.png
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-redirect-by: WordPress
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
bonfirebread.com.au/wp-includes/images/w-logo-blue-white-bg.png
198.71.233.156200 OK 4.1 kB URL HTTP/2 bonfirebread.com.au/wp-includes/images/w-logo-blue-white-bg.png
IP 198.71.233.156:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: bonfirebread.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bonfirebread.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 11:40:42 GMT
content-type: image/png
content-length: 4119
accept-ranges: bytes
age: 191469
content-security-policy: upgrade-insecure-requests
etag: "1017-5e87c64872251;592bbd73a11c0
last-modified: Mon, 12 Sep 2022 15:17:23 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 11:40:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 11:40:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 11:40:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 11:40:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 11:40:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b174f977a78acf5f28935f44cac702d
7deb4e0fc838bcfffb532ff1f92f4036b35571f2
7e87fe13d3127a1c8e89f72c1455349d9edcb89eeb2a9b103d191095ddc69751
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5570
x-amzn-requestid: a20f5fb2-9c4a-4124-bc27-6b7cf99c5a73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn64FEKXoAMFbzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e99-0edcfdf505c4467b31355e71;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jp6TEMqaAAIs3jUsysER2sqaEob7LrzeR0vwp5I-gWSZsPxaFW4Vlg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:49:39 GMT
age: 49863
etag: "7deb4e0fc838bcfffb532ff1f92f4036b35571f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RWcHVQkq3COqcWuVRgOdpVDi7VFrdjpu4q-NU0D3iod1B58xF4K_Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:55 GMT
age: 49727
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: fadb4327-7392-42be-9167-16dd28876400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIqeEg2IAMF-XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254a9-45261b545b58382717b63418;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:24:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5nlB_PBHKyP0p9rF3pJiwnoiSXxYvRSVLDNPcg9x_2i-N04HaRH8fA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 04:31:06 GMT
age: 25776
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0051cf-bacd-445a-a6c3-6e5be807c94d.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0051cf-bacd-445a-a6c3-6e5be807c94d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a29b48f8601db6bee0408f77ef7e1810
35417f27e4529b172aff7581d25ef8de26158a6c
37f2b7accb42719f1f2c25d371691aaed05160bbb40d4941da2650adc12be316
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0051cf-bacd-445a-a6c3-6e5be807c94d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9773
x-amzn-requestid: a66002a7-8621-4e8c-ba24-ca935485c6ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeBrlH7vIAMFz8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322497d-05c3244840ad5aba14217936;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:37:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Pb3pzSP2mQJVW2ff5ErXKB-jzLuYDSjENRCbzId9adJXEKIrRRihpw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:29 GMT
age: 49633
etag: "35417f27e4529b172aff7581d25ef8de26158a6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:58:21 GMT
age: 27741
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 8af37b3f-bacb-4f13-a539-0a8a1e2c7fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_VHdooAMF8cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279061-083f90a5264568d85ce86e5a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tPeWvkV7t7BSrnTA0G2Sf_KmuH5M4azBRhaeNuuaeiOW7zB4RhM_mw==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:50 GMT
age: 49732
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 403596
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 02:02:22 GMT
expires: Sun, 17 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 207502
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 216.58.211.10:0
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 11:40:44 GMT
date: Mon, 19 Sep 2022 11:40:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 216.58.211.10:0
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 11:40:44 GMT
date: Mon, 19 Sep 2022 11:40:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2