r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3678
Expires: Fri, 02 Dec 2022 21:16:26 GMT
Date: Fri, 02 Dec 2022 20:15:08 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5585
Cache-Control: max-age=143351
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:09 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:04:20 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 19:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3417
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9821
Expires: Fri, 02 Dec 2022 22:58:50 GMT
Date: Fri, 02 Dec 2022 20:15:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 24gwbHJqLxPsZU2AYL6YTVZjyg43gIT1VTJUekS+19eE71DVHcqWbuWe1L9ZJQNWNftE81nGypk=
x-amz-request-id: GBQF7J819V1CFX01
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 19:46:14 GMT
age: 1735
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 20:15:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
301 Moved Permanently 0 B URL HTTP/1.1 www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-admin/pp/?i=i&0=riker_lee@slurpmail.net HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 20:15:08 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 20:08:57 GMT
cache-control: public,max-age=3600
age: 372
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5584
Cache-Control: max-age=138289
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:09 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:39:58 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 934994854d0dcb506b5b306da37ce078
63ef31ab058a2d5f76c5526f4de5b5bf48ee5722
3cb5d6d99a4d086d09e297e11e6f69ba73db85a5ec9e208950c1f5f8c6dbea27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CB5D6D99A4D086D09E297E11E6F69BA73DB85A5EC9E208950C1F5F8C6DBEA27"
Last-Modified: Thu, 01 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Dec 2022 02:15:09 GMT
Date: Fri, 02 Dec 2022 20:15:09 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HNS6y0XOHOeOjCH1veiLqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jMnUr6gFQTM8r3GQESVdzfPLwB8=
ocsp.digicert.com/
200 OK 279 B IP
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5419
Cache-Control: max-age=148922
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:10 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 13:37:12 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.medinain.com/wp-content/plugins/dentalia-plugin/css/style.css?ver=5.3.14
200 OK 846 B URL HTTP/2 www.medinain.com/wp-content/plugins/dentalia-plugin/css/style.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5d5fe24f2d7bb66714315da9393da13f
dc8318a1fc5ee1ced411f66e7dc8b828b8e2c4d9
feb9fe76a872d23a2f13676951d723e4f4e055d9b4c55a5143f78e286e53fdd4
GET /wp-content/plugins/dentalia-plugin/css/style.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 08 Feb 2020 15:52:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 846
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.14
200 OK 687 B URL HTTP/2 www.medinain.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1939), with no line terminators
Hash e11d2889a9580d6c9e8ca29f6ec91ff7
623270b08afc6870973b753cf39ecf50b9cb05a4
2dd642e0897e59f5966b0082913a8ee08e81922e3241f3557f82c2adfa04030c
GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 08 Feb 2020 11:05:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 687
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
200 OK 12 kB URL HTTP/2 www.medinain.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash c220a68e588d62a720ffacfa52ad31d3
430b0eb0bdf72cebd13d43d18b8a276847b7a786
c12f9fb0d32fe152c3306f864f398f965b24ac6ffe01697b2b05fac214d2991a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2019 11:06:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12242
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/owlcarousel/assets/owl.theme.default.min.css?ver=5.3.14
200 OK 151 B URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/owlcarousel/assets/owl.theme.default.min.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 6ede1fb4653e4193364fac28718a37b1
0b37715c50864ed40c34c3adf30cb37e837adfa2
e3f13a408540d74b6c5444bb89d241dda2dd13f3029fb0f874de8b970bc77139
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/owlcarousel/assets/owl.theme.default.min.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 151
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/owlcarousel/assets/owl.carousel.min.css?ver=5.3.14
200 OK 1.0 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/owlcarousel/assets/owl.carousel.min.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2863)
Hash 74d6136e6ef49d3043c591b293cc830b
d2ec935f37ab977f7a893feb123799a088dbd483
137700c88793cfb2425703be909c27b68aacf47dd7f745e095595aad2e4b22d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/owlcarousel/assets/owl.carousel.min.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1026
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5419
Cache-Control: max-age=148922
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:10 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 13:37:12 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.medinain.com/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.css?v=2d3122b037d996d22c41158f40c7f2d3&ver=5.3.14
200 OK 17 kB URL HTTP/2 www.medinain.com/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.css?v=2d3122b037d996d22c41158f40c7f2d3&ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF, LF line terminators
Hash 843a0fae68960b6da0c087be83bbf831
b06536f2fad5930489a7d69619b97d8c1b2d46c6
cb6919031cb9b34ecba3c59511c67e956a62e0de59e34454d1843e6f7643d208
GET /wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.css?v=2d3122b037d996d22c41158f40c7f2d3&ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 08 Feb 2020 15:50:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16933
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/orionicon/css/style.css?ver=5.3.14
200 OK 1.4 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/orionicon/css/style.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7763dfc2f993daf424fac03aaf1d8e3e
13c85f35d3f2f8706a56ec8049acf5eadbd7ba7d
31f2681395ccc24404cb264c56583c23397af6fd7c0471ce72a99c0be20857dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/orionicon/css/style.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1414
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
200 OK 7.9 kB URL HTTP/2 www.medinain.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (41045), with no line terminators
Hash b69eb1952e05cf5afb5c386f73755ef8
095c002392362a8484a999b7b56793ee5d17cd78
7697187ff6744523ef9079ea748c88d7378a60b64994b216b959d048123afb3b
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 09:14:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7869
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/swipebox/css/swipebox.min.css?ver=5.3.14
200 OK 1.4 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/swipebox/css/swipebox.min.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4308), with no line terminators
Hash bb137499a9f0143f7577f48625fb7544
737198d7bb477564258dd43338d81a6bfb16417f
fd26e7f1401d5e584fe5bdbe20a2a5ca8c996e0d883049165855791d6266a430
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/swipebox/css/swipebox.min.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1378
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/css/page-builder.css?ver=5.3.14
200 OK 3.8 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/css/page-builder.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6522)
Hash 09de017bd268b211725778b52a7a8e57
37854f6fa2ae03dd4e67f4d5b7136856b5a654f8
7376c701d4e03fd1c643c249dedfd5e3144f61b2cb0441a4b2fd0a4f3242969b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/css/page-builder.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3752
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/waypoints/shortcuts/sticky.js?ver=5.3.14
200 OK 722 B URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/waypoints/shortcuts/sticky.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 854e79892010ddd6e70f0536815ec08a
a019efa80b1198d9e064b8550e6b5f9b0f7bddc9
9dd7a6a77ae347fa3cf8381ce48cf523ab793a65e084a784ca2ced67d0c38ee5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/waypoints/shortcuts/sticky.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 722
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
409 Conflict 83 B URL HTTP/2 www.medinain.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/smoothscroll/jquery.smooth-scroll.min.js?ver=5.3.14
200 OK 1.6 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/smoothscroll/jquery.smooth-scroll.min.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3320)
Hash 111d9fbcc499f9f57ff9dbcf04df3e1f
0d19600edaa5bdb64c328f5b0905f61717671c41
9291af0bcbb86ee6aab66b46488fe41543bfb2ef6b9a5262eec8445f1bce854f
GET /wp-content/themes/dentalia/libs/smoothscroll/jquery.smooth-scroll.min.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1606
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.10.14
200 OK 360 B URL HTTP/2 www.medinain.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.10.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (971), with no line terminators
Hash 8f26841e9a94a19b4d1463f15fb01302
d2ad7907d738a9238070bd1ca7c71e5d571f088b
24c3bdc417b9ff6fab43e0f6aa9a3325334c053c0393d2b6e152d82043b5a358
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.10.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 08 Feb 2020 15:51:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 360
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
200 OK 4.9 kB URL HTTP/2 www.medinain.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10927)
Hash 30370a183368c9c52d4ed6803553b79c
3441940f22666ab98d20748560c5e09e25b37755
8f7e03574f5594e8f53d34583332086aa6b750560dbd66dc89f8ceeb86b06926
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:01:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4893
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/tab-collapse/bootstrap-tabcollapse.js?ver=5.3.14
200 OK 2.8 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/tab-collapse/bootstrap-tabcollapse.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 21fb27dbed93e8070863d9f76bb454bf
a9035c37e9bea384af36c268fa3808234b317c1b
453f915d1a323619d962097a0f60f4153204643477482c2a386bc04e2a1fec67
GET /wp-content/themes/dentalia/libs/tab-collapse/bootstrap-tabcollapse.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2772
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/waypoints/jquery.waypoints.min.js?ver=5.3.14
200 OK 3.1 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/waypoints/jquery.waypoints.min.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash e5c4adb82b820be8aff9addd520270c8
53942ce584bd864d54bbea34b242536cef36ab77
2a4a2d37ac19afdd6e0cf3b0590114f0e5a1ec9a4fe87cc7fb5cc74d8eadccef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/waypoints/jquery.waypoints.min.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3146
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200 OK 4.4 kB URL HTTP/2 www.medinain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9959)
Hash 1e40dfe689f1e989e1a3de2e3c6e26bf
4196eddc5203fd18f63e90065d777f757088ca2f
b40b1ef07db6e093ad2df064e8cb582906eb2448e1caacc2f5b721cd5d0e3cb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2016 06:11:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4444
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/wp-embed.min.js?ver=5.3.14
200 OK 750 B URL HTTP/2 www.medinain.com/wp-includes/js/wp-embed.min.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391), with no line terminators
Hash 1c782657b72dd210e34fe872458db8a4
9aab886e2eb32e3ad3b48b414725b93875843201
f938f1b4a0bac49749cd11a5f8838cdcf6a188f2b4c5054467a08e209a1560aa
GET /wp-includes/js/wp-embed.min.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:01:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 750
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.11.4
409 Conflict 83 B URL HTTP/2 www.medinain.com/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.11.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.11.4 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
200 OK 1.9 kB URL HTTP/2 www.medinain.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3704)
Hash 4da7257348968d061b28e145e26a4639
6a9e0f37940c7bc32efc1434b12da6d9d8e54571
33a59fbe2e521f58b4982d80c7659a0135f436a0d32f3594e5d9803b286433ec
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:01:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1893
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
200 OK 2.8 kB URL HTTP/2 www.medinain.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6603)
Hash d29fbe8eff531c97cc6a6b29d22bddf4
7cd9c2afca107613ad5112e046fd8ecdcd9388e0
7fbdb6504d03f1641268989b27e269ccff7f85a5723d112023c6a91bd8846177
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:01:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2837
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/swipebox/js/jquery.swipebox.min.js?ver=5.3.14
200 OK 4.8 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/swipebox/js/jquery.swipebox.min.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12859)
Hash cae376ac97f441e8afc1a6af42f34824
7b497b116bda173d75e4818cf13854b0ee7772ac
b8cfdfc3ef656f8bbf654727cd877046e38003238490016a8f7e752f28799a62
GET /wp-content/themes/dentalia/libs/swipebox/js/jquery.swipebox.min.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4783
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/owlcarousel/owl.carousel.min.js?ver=5.3.14
200 OK 15 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/owlcarousel/owl.carousel.min.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32045)
Hash fbe99391114d4d28d4aceabcd4739251
ab63a50161bbb56bdfa4c69e5218f3951f7cb820
b625b13a3af4e6f201a95ebda8b4fc5d99113219bc433aa02060f3dc523e2e4d
GET /wp-content/themes/dentalia/libs/owlcarousel/owl.carousel.min.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15365
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/bootstrap/js/bootstrap.min.js?ver=5.3.14
200 OK 14 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/bootstrap/js/bootstrap.min.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32034)
Hash 5f6b33d0c3c840a00bb9546255b950fe
8529abb9ada164bd0c06aac91f8772598cb06a83
77ef532197a471284339e911d1ec20c1da285e8e8dba10fec10c1dcde394fb08
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/bootstrap/js/bootstrap.min.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14302
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
409 Conflict 83 B URL HTTP/2 www.medinain.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
404 Not Found 24 kB URL HTTP/2 www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26984), with CRLF, LF line terminators
Hash a1335f59a2d573403a21360f584b1f48
813a43b0b2cc73025ae379c33430e88ddd55e775
62dc33833ce7044d9e1849163806aa90b521a1599749986c9463c965e3cf79a9
GET /wp-admin/pp/?i=i&0=riker_lee@slurpmail.net HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://www.medinain.com/index.php/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 20:15:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
200 OK 14 kB URL HTTP/2 www.medinain.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (35947)
Hash e3f10fabdb040dca50c37058e547f432
4895f03dc3e99077d3d08abf3bee9268f0beba89
b7f94a29b1a82244bb3ca1d4425aaa7221c159eada453d7a2bc3c0040f8d3623
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:01:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13684
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/waypoints/shortcuts/inview.js?ver=5.3.14
200 OK 907 B URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/waypoints/shortcuts/inview.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8980d9e7626fc247e04f6898dd4705ae
59b6661af79e8b84c69db3816a0766b8d90c5720
e6c66fecf6815e2541d3d0472864593a7a3e0fbd52890544d3cdde18d6890878
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/waypoints/shortcuts/inview.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 907
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.min.js?v=2d3122b037d996d22c41158f40c7f2d3&ver=5.3.14
200 OK 9.4 kB URL HTTP/2 www.medinain.com/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.min.js?v=2d3122b037d996d22c41158f40c7f2d3&ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30383)
Hash 7f66158bbdafe5e42edab5ded9567831
da18fdc7e330f6233723d604a08520aa8706976f
7a5936aa98bde13f2c1ffaa4dba5d51f94e6ae58a1f1d194bce381f1293b999e
GET /wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.min.js?v=2d3122b037d996d22c41158f40c7f2d3&ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 08 Feb 2020 15:50:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9368
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/siteorigin-panels/js/styling-21014.min.js?ver=2.10.14
200 OK 395 B URL HTTP/2 www.medinain.com/wp-content/plugins/siteorigin-panels/js/styling-21014.min.js?ver=2.10.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (802), with no line terminators
Hash 4d3ebac1da45b04b92742c68d31e4cef
35330a15df3c12fa0976df948854d3438c466b2d
95e9de4ee65b529de55f25168ea3eb581e9733a36e5922985d4875719fdb73c5
GET /wp-content/plugins/siteorigin-panels/js/styling-21014.min.js?ver=2.10.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 08 Feb 2020 15:51:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 395
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
200 OK 2.4 kB URL HTTP/2 www.medinain.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6998)
Hash 9b5b2e55f0a4fbca18bd1d6a071deb9c
373f3465a6ab8098430244d448789af5f2887789
867d739e1ce4c764630b0894d5df865eb0dca1467111700fefecc4a000c8ed6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.11.4 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:01:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2409
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/uploads/2021/07/phone-icon-new.png
200 OK 2.7 kB URL HTTP/2 www.medinain.com/wp-content/uploads/2021/07/phone-icon-new.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash b3a3fa169eb8a6487d9feb8d63f911a3
90e943f10336bbd9122537da15cd9d83c9fb556f
7686b0b44a51516259fb4fd802395bc1374a6b13d21e98f9627397004a48fbb4
GET /wp-content/uploads/2021/07/phone-icon-new.png HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Jul 2021 07:16:24 GMT
accept-ranges: bytes
content-length: 2697
content-type: image/png
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/uploads/2019/05/logo.png
200 OK 6.3 kB URL HTTP/2 www.medinain.com/wp-content/uploads/2019/05/logo.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 167 x 99, 8-bit/color RGB, non-interlaced\012- data
Hash 73d76d4c19027c6e58fe617e662e2165
2f38ca6151ecf9546b46a9664dae49e02be60840
c1a1e15e5014e8d86e66be285390aa3787f21b93ce80817510a6eb2ad71b03ee
GET /wp-content/uploads/2019/05/logo.png HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 May 2019 10:45:51 GMT
accept-ranges: bytes
content-length: 6263
content-type: image/png
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/uploads/2019/05/logos-certi-new.png
200 OK 9.5 kB URL HTTP/2 www.medinain.com/wp-content/uploads/2019/05/logos-certi-new.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 41a9f48bb0d137e88e7642eb3bd0fc28
8d2012af7d83425def97a80f0f14c8b4297c4141
8fee5f7a504318e804e7b799d860165452c33fa578ac316af3ae53d83e88851e
GET /wp-content/uploads/2019/05/logos-certi-new.png HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 May 2019 12:54:51 GMT
accept-ranges: bytes
content-length: 9519
content-type: image/png
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/uploads/2021/05/wh.png
200 OK 12 kB URL HTTP/2 www.medinain.com/wp-content/uploads/2021/05/wh.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 58fc68c7db0e75e04cc7a45afc31566e
64a9d048d266c72c8840cb6f6866f6a776bbf45b
7bd0be46baf9a4c96173870d78a143a2acc74036c01889e9fa00d8a305de1fc9
GET /wp-content/uploads/2021/05/wh.png HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 01 May 2021 14:14:37 GMT
accept-ranges: bytes
content-length: 12497
content-type: image/png
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 827a9675bd378e003c167270150f3590
67df0e185cc99c640e8a3acde0aefb104fe0710d
b1ed910ee10bb2858a5ad85972bbfa9e247534b6002ba0d5ef2c4c74d385bb25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3950
Cache-Control: max-age=159334
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:10 GMT
Etag: "638a18c6-118"
Expires: Sun, 04 Dec 2022 16:30:44 GMT
Last-Modified: Fri, 02 Dec 2022 15:24:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 471 B IP
Hash 6acc582e88a49b8d0a4c05705f9c6af2
7cd445187fc02c97202cde41ee450d0c078cfd9c
41dc74b2ddf000db6ff024819614df835bb6092f78bba04e409b11f05e645348
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5406
Cache-Control: max-age=119402
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:11 GMT
Etag: "6389771b-1d7"
Expires: Sun, 04 Dec 2022 05:25:13 GMT
Last-Modified: Fri, 02 Dec 2022 03:55:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
use.fontawesome.com/releases/v5.8.2/css/all.css?ver=5.3.14
200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.2/css/all.css?ver=5.3.14
IP
File type ASCII text, with very long lines (54998)
Hash 4dc7daf37617f33e648b8d8745bf7805
9e8a04f3e2c8dec99c1c325815c8eabb7d5f368f
0ee87e22750094e1cad0ee1b4a35ee1b136a0c907389b283de589c435a9bb813
GET /releases/v5.8.2/css/all.css?ver=5.3.14 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:15:10 GMT
content-type: text/css
x-amz-id-2: jsm1deUD9+9kJYQ2RbVrEDrKYh4zuWsd62OxvGRNqqegdPEU8qINhNdmZAoWmcAB5Sq0jufzfRU=
x-amz-request-id: HYMV1MJ66TZCVAD1
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1281376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5kN2NTq4jTNgaTJ3k%2BQT%2BqsbcsBLVBkZvhCJkfLvI4LZR1WJXnS%2B3xBtJo7XFjjEpUSCezPR0uOicKbGbO82lY1VoEgTYgJ%2BMCOPnDZWm0X9gy3u2AThLZmxYTiHZ8Dsvmi9Ztc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7736bba9ab2573ff-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medinain.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:55 GMT
expires: Tue, 28 Nov 2023 18:52:55 GMT
cache-control: public, max-age=31536000
age: 350536
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400%7COpen+Sans%3A400&subset=latin&ver=1632893381
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%7COpen+Sans%3A400&subset=latin&ver=1632893381
IP
Hash fc0499807172e343c0006cb9f37dd2d0
8744f284b929222f43f1d5aef5260f798384c152
a704b5a0f4f5d6e8130c4ba4136bd3247decffd82bafcfccf250889350dad906
GET /css?family=Montserrat%3A400%7COpen+Sans%3A400&subset=latin&ver=1632893381 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 20:15:10 GMT
date: Fri, 02 Dec 2022 20:15:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medinain.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 14:42:14 GMT
expires: Sun, 26 Nov 2023 14:42:14 GMT
cache-control: public, max-age=31536000
age: 538377
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.medinain.com/wp-content/themes/dentalia/libs/orionicon/fonts/Orionicon.woff2
200 OK 4.4 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/orionicon/fonts/Orionicon.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 4356, version 1.0\012- data
Hash 0981d324ed84c574bdb6fc52f8e17173
1d9541565b500c1c90df932103683d02e90e1620
34526a68de24cc64858eb34c58a37c0d267d29bad89c3f16ee3f71a3dae6baaa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/libs/orionicon/fonts/Orionicon.woff2 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.medinain.com/wp-content/themes/dentalia/libs/orionicon/css/style.css?ver=5.3.14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
content-length: 4356
content-type: font/woff2
date: Fri, 02 Dec 2022 20:15:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/uploads/2016/09/dentalia-demo-bg-lights.jpg
200 OK 237 kB URL HTTP/2 www.medinain.com/wp-content/uploads/2016/09/dentalia-demo-bg-lights.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 237 kB (237173 bytes)
Hash d6cba2476485490836c5e801b817c2e8
7c323630d3b175debfd49b58be43f8d5bd08a147
3d46d0be951cb3a419958a6c664bf18e739141620612a3b51106f852ffba9154
GET /wp-content/uploads/2016/09/dentalia-demo-bg-lights.jpg HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2019 11:13:24 GMT
accept-ranges: bytes
content-length: 237173
content-type: image/jpeg
date: Fri, 02 Dec 2022 20:15:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/css/components.css?ver=5.3.14
200 OK 356 kB URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/css/components.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Size 356 kB (355460 bytes)
Hash 7ab62625b397937af512cd305be2eaa8
ed7e369397a8762e3894d8adcd0c96b9c18f0843
899c316b9afc08463a4fbe73ca6696edf652b981a6426eefdceb3e2271ef2026
GET /wp-content/themes/dentalia/css/components.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14797
Expires: Sat, 03 Dec 2022 00:21:48 GMT
Date: Fri, 02 Dec 2022 20:15:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14797
Expires: Sat, 03 Dec 2022 00:21:48 GMT
Date: Fri, 02 Dec 2022 20:15:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14797
Expires: Sat, 03 Dec 2022 00:21:48 GMT
Date: Fri, 02 Dec 2022 20:15:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wQc8gdA6brp46QVd0ee9cBtnmA9q1j3nUO2ou9MDIhecNINtmphq0Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:54 GMT
age: 80657
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 33834
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 51263
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 53696
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 80780
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 80618
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6acc582e88a49b8d0a4c05705f9c6af2
7cd445187fc02c97202cde41ee450d0c078cfd9c
41dc74b2ddf000db6ff024819614df835bb6092f78bba04e409b11f05e645348
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5406
Cache-Control: max-age=119402
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:11 GMT
Etag: "6389771b-1d7"
Expires: Sun, 04 Dec 2022 05:25:13 GMT
Last-Modified: Fri, 02 Dec 2022 03:55:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (8741)
Hash c92ef94e30a2dd9473fd9fe533472b73
97049e47de026939c75a885df9e8bb0fb56515ba
f2981c7109e60cf9f5a9e846a25800dbec20a923db028f310b6feb79415650bb
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 01:39:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
x-fb-debug: xRgL4SR78NBeYrhUhKw2tM2diKO8H9ar5BV1fHljLsQNOYfJnH12XENzxLY13OIbL0DEDztH3k0HkhZz0aFcLg==
content-length: 16232
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
200 OK 293 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (327)
Hash 2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 24 Nov 2023 23:53:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: DIZ2G1nJsLCy0zTQurqaB4WnHCvKRvXeIb4sGerawttQsKRanlNnUlKxdOxnOz/81HHCgmE2TeQwIKReB8knYQ==
content-length: 293
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz
200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4057)
Hash 72ce84f8c50139151a20bf5471e26955
ddb1cf4f30d5935149c5eb1cd2ab799002bd9c73
abee72daf709c744bfa59f68193be9899d5a80eb72874965dfa3ec373c861973
GET /rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 19:02:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cs6E+MUBORUaIL9UceJpVQ==
x-fb-debug: ayphQDRLI7xffeiq4R8a0hWhIOidimNS/Y6BucSM8z3UzNz7bJy5P9yA5YhFtaY066bTM/jCvOdJOJrhuqSR0g==
content-length: 7183
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
200 OK 8.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (2905)
Hash 69e486cc855b05e1ef83518e57af55de
44f27786a30398501e9e4925004a15804fb945e9
f468a9ac1baf337dee981e479d9db4d1c6239ff4a0feea34854383aa9c76c345
GET /rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 00:35:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: aeSGzIVbBeHvg1GOV69V3g==
x-fb-debug: p6U9C4EREHTnpaJI1kBrf5tFhRrhJ1yaMX5V6wZLbNJL8RrJNsYWPfA9esurMfj7FoMO+UhrLEm621sNyiJ6dw==
content-length: 8322
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/nALqeRS3pkU.js?_nc_x=Ij3Wp8lg5Kz
200 OK 8.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/nALqeRS3pkU.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (9885)
Hash c56784b5b5c7cbc9911e0108d1c0a98d
727ab16dc3c4eda3b1d6826d98cd1c15cb1d9050
bed83269314491f240efafd92b85f1c48c61c63a927ff44ca2ae0b8d2ddb34b5
GET /rsrc.php/v3/yM/r/nALqeRS3pkU.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 20:56:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: xWeEtbXHy8mRHgEI0cCpjQ==
x-fb-debug: mrNIwsxQfycL8aWgy7FQKR763RsuxqF0Ljqb/zm4Ti8kWNR2qDj8ZQtn+fXfnAOe5VUkJhAA5kfj1CM+hWBjmA==
priority: u=3,i
content-length: 8694
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/-MfsHH0joer.css?_nc_x=Ij3Wp8lg5Kz
200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/-MfsHH0joer.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4431)
Hash 34c7c8ac5c5afe2194fe0015729a6362
99ba29737187829926793d1030f71a1e024b6bd6
dd49cedd11b308a50b6c1803cee732e2de5db081df13e12c24418a8c15d06869
GET /rsrc.php/v3/y3/l/0,cross/-MfsHH0joer.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:38:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NMfIrFxa/iGU/gAVcppjYg==
x-fb-debug: z17RpNOziZR3sIAM4f5Y3bb2w7ZHKhFubu9rLDsKnXtLsJkfRdIbfAgaZxTzcBo6N3ZKfLtyQlYYO5we6W5yHQ==
content-length: 5034
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yk/l/en_US/6RO4Jokp9az.js?_nc_x=Ij3Wp8lg5Kz
200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yk/l/en_US/6RO4Jokp9az.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (42048)
Hash 5254a36c2855a4a6064cd97facbfc995
f7d48d2a045bbfe918d0e5f3694d8bd3c4cb9875
7b1e9b3adeec2ebab50637282fe680eb1c714f8623f90f52f813fa7c97059e2c
GET /rsrc.php/v3iEpO4/yk/l/en_US/6RO4Jokp9az.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 16:15:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: UlSjbChVpKYGTNl/rL/JlQ==
x-fb-debug: hTsK77EXHx33wSvrUFBfqgqIjAHkcg7GCbSykxNk6g3kBhzREa+XVDoMtMn1YsUlbpBrGYFOws2dqoMGUWGq2Q==
content-length: 23382
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 00:16:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: 7P2YQcLU5AD+fSgEUB2ZYqJO8dXMvvnY11OYp5ho6i2aZ46ue375+HD0M2ahQwp7JIBq5qPCBmq9ceB/wdAWFw==
priority: u=3,i
content-length: 830
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
200 OK 1.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (1984)
Hash 3eec5e9a11ba7da3a0f8cd0af8b4bdcb
462922ace2e24121fb02f42966abb8004b24c98c
92e829ebf854a5a759b0f718ea0f31b4870e1dbbd7f09e8c2e1cac0b21e6d69c
GET /rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 16:15:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PuxemhG6faOg+M0K+LS9yw==
x-fb-debug: ysL+o95UDwHfEUO8RXEoxQbD9qS4wm8/3GXhNWlrUvr6HBzic7cOmeKziHwxYvPnKo/uYjrJr9E3NoDm+nKUAQ==
content-length: 1847
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (5542)
Hash 1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 02:31:04 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: aCcOg3CkPeic7Q1qWgphyxqPm1JrzgvxRd3MqZGIOOJl8cxlygVrXdSkjRKSCXFCr7yUGkhiRQjZtFVjm4IZQg==
content-length: 12334
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.medinain.com/wp-admin/admin-ajax.php?action=buttonizer&qpu=0affd7a626418f910934845919bc248c&preview=0
200 OK 559 B URL HTTP/2 www.medinain.com/wp-admin/admin-ajax.php?action=buttonizer&qpu=0affd7a626418f910934845919bc248c&preview=0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (1408), with no line terminators
Hash 9ec0d80fb561fbba0374093f4a36e6fd
0d3840a70e5f36c7bed42e6ee0a971ecf3f794d0
c1485b6c608f336c696b0a06a2565347a39e31ee6e179f18bd269667a161954d
GET /wp-admin/admin-ajax.php?action=buttonizer&qpu=0affd7a626418f910934845919bc248c&preview=0 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-robots-tag: noindex
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
pragma: cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: gzip
content-length: 559
content-type: application/json; charset=UTF-8
date: Fri, 02 Dec 2022 20:15:11 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 827a9675bd378e003c167270150f3590
67df0e185cc99c640e8a3acde0aefb104fe0710d
b1ed910ee10bb2858a5ad85972bbfa9e247534b6002ba0d5ef2c4c74d385bb25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3951
Cache-Control: max-age=159334
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:15:11 GMT
Etag: "638a18c6-118"
Expires: Sun, 04 Dec 2022 16:30:45 GMT
Last-Modified: Fri, 02 Dec 2022 15:24:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
www.medinain.com/favicon.ico
200 OK 0 B URL HTTP/2 www.medinain.com/favicon.ico
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 0
content-type: image/vnd.microsoft.icon
date: Fri, 02 Dec 2022 20:15:11 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yy/r/BBmdPZ5Lu1y.js?_nc_x=Ij3Wp8lg5Kz
200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yy/r/BBmdPZ5Lu1y.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (10494)
Hash 8d2072d6624b51be56303ac9b3ff2e32
dcdfacb3375e65e9e8fb2e6888820b9a777b6e61
24aee0833249ea9efc50731ab81924cea2a1f6798698b7f2e294067bbdc3a0a3
GET /rsrc.php/v3/yy/r/BBmdPZ5Lu1y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 23:09:02 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fgLoU5VNW81u9ug1+Sd8Dg==
x-fb-debug: ctNG2uJtyVPDZERwF2EkZMam5ZAUvSQKjsJIgoIK19vUcPUJApfgy+vrkN+INqcnLBhP4c19TKgjbG8KuVCn5w==
content-length: 84306
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 20:15:11 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/5d5136a777aa790be32e8166/default
200 OK 17 kB URL HTTP/2 embed.tawk.to/5d5136a777aa790be32e8166/default
IP
Hash 3fbc54edb96f1a2b23c676816de8b85e
386ba7762bc0e3f889021eeb750cd3199093b1c5
f5753d264b386802f8e848daa882c807da2dbf1891108e2b06d37e0247c7b696
GET /5d5136a777aa790be32e8166/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.medinain.com
Connection: keep-alive
Referer: https://www.medinain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:15:11 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7736bbad9adbb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmedinaindelhi&tabs=timeline&width=340&height=300&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=false&appId=443040589231563
200 OK 76 kB URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmedinaindelhi&tabs=timeline&width=340&height=300&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=false&appId=443040589231563
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17461)
Hash eb26992c571d249555d9845c1c33fbc6
0ed45638430545fd2e1b33cde0a4e6bb599c421b
86958306a7f1c808368fe4a65703f0d7b5a3b82b106dcc3923e3a0b5d7c05eb3
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmedinaindelhi&tabs=timeline&width=340&height=300&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=false&appId=443040589231563 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 9arPwaznE+QTZ1jbOQmNIV+8dH4EoySbmAX99f7oahHqbq7gnI6XxxAcsuPkP1QImmSTpPIlpucO5mIHwKsVXg==
date: Fri, 02 Dec 2022 20:15:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/295870840_1248954332337269_7880137661083392438_n.jpg?stp=dst-jpg_p235x350&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=GL02DGDjJfoAX_tgGWA&_nc_oc=AQnWrja3QjGps0xklq9TC_qbfdqTLESAFhg7M8CuZkzhRSw1KsGAhggImHyFSFbnCX0&_nc_ht=scontent-arn2-2.xx&oh=00_AfCkizGVAZlm4l9g9cRomNglOVG-NvLsTac1HgzalcqYBQ&oe=638F348F
200 OK 21 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/295870840_1248954332337269_7880137661083392438_n.jpg?stp=dst-jpg_p235x350&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=GL02DGDjJfoAX_tgGWA&_nc_oc=AQnWrja3QjGps0xklq9TC_qbfdqTLESAFhg7M8CuZkzhRSw1KsGAhggImHyFSFbnCX0&_nc_ht=scontent-arn2-2.xx&oh=00_AfCkizGVAZlm4l9g9cRomNglOVG-NvLsTac1HgzalcqYBQ&oe=638F348F
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Hash 4f968b546baea287a242912157af7bad
73a211fb74c1f641d53de9e6d955156a9c455c36
bafc42221f3b922ba02fb53a6c025bcf7534a2b9af39fd2928954e8f9728b3c7
GET /v/t39.30808-6/295870840_1248954332337269_7880137661083392438_n.jpg?stp=dst-jpg_p235x350&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=GL02DGDjJfoAX_tgGWA&_nc_oc=AQnWrja3QjGps0xklq9TC_qbfdqTLESAFhg7M8CuZkzhRSw1KsGAhggImHyFSFbnCX0&_nc_ht=scontent-arn2-2.xx&oh=00_AfCkizGVAZlm4l9g9cRomNglOVG-NvLsTac1HgzalcqYBQ&oe=638F348F HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 26 Jul 2022 08:08:02 GMT
x-haystack-needlechecksum: 1098217276
x-needle-checksum: 636100151
content-type: image/jpeg
content-digest: adler32=3286372111
content-length: 20685
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 1904183273
date: Fri, 02 Dec 2022 20:15:14 GMT
x-fb-edge-debug: SS1OL-Bac3To9fK4oFdJF0Q-0_KIGFH7ACUdYFgJ0ZNTuMiUvQoqkKNrx4-xuy93r73PX9qlRr2TVbPImqAmSaeASxbiS-KEWIfaCzbyIak
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/298617638_1257668811465821_4226353178284854878_n.jpg?stp=dst-jpg_p235x350&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=inLIlecPK_QAX8TNiE6&_nc_ht=scontent-arn2-2.xx&oh=00_AfCXQlXAPUaZ-RAaM_3j1-zHH5uKR1ZtZ6x1MHXYycRK8g&oe=638F1354
200 OK 26 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/298617638_1257668811465821_4226353178284854878_n.jpg?stp=dst-jpg_p235x350&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=inLIlecPK_QAX8TNiE6&_nc_ht=scontent-arn2-2.xx&oh=00_AfCXQlXAPUaZ-RAaM_3j1-zHH5uKR1ZtZ6x1MHXYycRK8g&oe=638F1354
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Hash 1a60b859a562151939cc4f2a8f7f5e98
08a6341abaf3f977678af714842bc84f79c3516a
d9aa7a9a046fd3996d7c2672698b8a3f29c9c4497514b8c95ff7343202cd23b4
GET /v/t39.30808-6/298617638_1257668811465821_4226353178284854878_n.jpg?stp=dst-jpg_p235x350&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=inLIlecPK_QAX8TNiE6&_nc_ht=scontent-arn2-2.xx&oh=00_AfCXQlXAPUaZ-RAaM_3j1-zHH5uKR1ZtZ6x1MHXYycRK8g&oe=638F1354 HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 09 Aug 2022 05:24:19 GMT
x-haystack-needlechecksum: 245616574
x-needle-checksum: 2858487301
content-type: image/jpeg
content-digest: adler32=1897531903
content-length: 25767
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 1904183273
date: Fri, 02 Dec 2022 20:15:14 GMT
x-fb-edge-debug: o5Svo93DKVmgmkxmtcO-8q7gPOP5nNbWQtNH2Dahkokndcihn9V_9TUmz8_RF4MpsfWSQbIt1JVm6q8cS3XHjJ-337jsHID4QmcJ1f3Pa8U
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=0&byteend=782
200 OK 783 B URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=0&byteend=782
IP
File type ISO Media, MP4 Base Media v5 \012- data
Hash 616e1c66a274d6a48bc7da898ed16a09
5c8ad6d52bef57156831469054be45c2bb28f113
8591db54a436999d237aac3d7da46690dd2f46f7a529194d22746b5f234da2f9
GET /v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=0&byteend=782 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Tue, 22 Nov 2022 11:02:12 GMT
content-type: video/mp4
x-needle-checksum: 1348253116
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1348253116
content-length: 783
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Fri, 02 Dec 2022 20:15:15 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
x-fb-edge-debug: 0sMOdzj-OJ6DCQCQJfFmt8ygA900mKqVoLEM94pR-carOG66yWreq_VcrBi_Hx5dDV7GN81HvNvXG8ULpc6dQhl7wI2-kvy2kexn9WhMZA4
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=851&byteend=17369
200 OK 16 kB URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=851&byteend=17369
IP
Hash 29d21a481e4c590a96521620ac0c8063
e59b6bf3fc2bd4a489c2b09256cdb739adaae305
9179f15c23bcd1f9965c4dd9c25ca35052f28dc3e9a98efafabf05ee80018d1f
GET /v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=851&byteend=17369 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Tue, 22 Nov 2022 11:02:12 GMT
content-type: video/mp4
x-needle-checksum: 1348253116
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1348253116
content-length: 16519
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Fri, 02 Dec 2022 20:15:15 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=783&byteend=850
200 OK 68 B URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=783&byteend=850
IP
Hash c2bcf1c19c36947407f82ba0f9509ef0
4dc74cb73f0b2f82007212f0dcd76f89fd879bda
f75dca2f6286db4b51ebb2536e4dcab75a039ad05692fa3fa712e87e11667ad5
GET /v/t42.1790-2/315993151_432109778941236_618895290020745476_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=gxSJX_dwIfIAX-1RrKV&_nc_ht=video-arn2-2.xx&oh=00_AfDG2_do-CQgeARweyny2z8EJ7PMUloGaWlCq7DKUE3YBQ&oe=638A82D0&bytestart=783&byteend=850 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Tue, 22 Nov 2022 11:02:12 GMT
content-type: video/mp4
x-needle-checksum: 1348253116
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1348253116
content-length: 68
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Fri, 02 Dec 2022 20:15:15 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-1.xx.fbcdn.net/v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=841&byteend=884
200 OK 44 B URL HTTP/2 video-arn2-1.xx.fbcdn.net/v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=841&byteend=884
IP
Hash b92d9efdcc1de4a31d8b5d075a4063fc
57b638eb2dd9317f863e23825c8f9fc3b2bf1f05
ef6cd22be09472d3a9ac85da315332587fbebfd7e923b7d72c39755539401d43
GET /v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=841&byteend=884 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Tue, 22 Nov 2022 14:22:49 GMT
content-type: video/mp4
x-needle-checksum: 1407151495
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1407151495
content-length: 44
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Fri, 02 Dec 2022 20:15:15 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
x-fb-edge-debug: RkLWvCUFFUKyf2vs1U4ejcKIFpNe7fSGGCxCZPBXRKpv4H6apezwW36AXYwAIeWNGzkfZOlJTPZW-E13m_KTq1tq54FVhAjFnE1_bWHzhls
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-1.xx.fbcdn.net/v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=0&byteend=840
200 OK 841 B URL HTTP/2 video-arn2-1.xx.fbcdn.net/v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=0&byteend=840
IP
File type ISO Media, MP4 Base Media v5 \012- data
Hash f3e4fd202e27cc3fd5b8b07f70c61064
dc44dc2191eb99898a43ec18811a02f6138a6d53
bc7187bf72918d2209c4551d1b190d9566637eed0de1e341ebddfadd762b3c72
GET /v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=0&byteend=840 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Tue, 22 Nov 2022 14:22:49 GMT
content-type: video/mp4
x-needle-checksum: 1407151495
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1407151495
content-length: 841
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Fri, 02 Dec 2022 20:15:15 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-1.xx.fbcdn.net/v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=885&byteend=56063
200 OK 55 kB URL HTTP/2 video-arn2-1.xx.fbcdn.net/v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=885&byteend=56063
IP
Hash b9f38fecff4a69b42434e2ee7285723a
cc332307a9aa94b886d09cc1586f57162de57dcc
234cbe8f8816308fd8a605daa72b29a3deb3cb8f99f23953555835de819809ee
GET /v/t39.25447-2/316537198_534636304866370_96643859023902012_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTUwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=OqsppgQS2mwAX_Nj1qH&_nc_ht=video-arn2-1.xx&oh=00_AfAWH1M81sFMuHzuE7rjHGr38jdOUkSG56eYt0cC5vUmlw&oe=638ECE49&bytestart=885&byteend=56063 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Tue, 22 Nov 2022 14:22:49 GMT
content-type: video/mp4
x-needle-checksum: 1407151495
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1407151495
content-length: 55179
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Fri, 02 Dec 2022 20:15:15 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
x-fb-edge-debug: n2-F3YWjF7nafJFWkYsRlazvoXcyWYhtZTu_PjIYapdLFlvTh1RmXfPF2z-YvdgRDq5n4Mh-9Rb4udTsxMSnJi3jPGD4bo4sBnzpv44SOHs
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
200 OK 0 B URL HTTP/2 www.medinain.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2019 11:06:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
200 OK 0 B URL HTTP/2 www.medinain.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Sep 2019 09:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/libs/bootstrap/css/bootstrap.min.css?ver=5.3.14
200 OK 0 B URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/libs/bootstrap/css/bootstrap.min.css?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/dentalia/libs/bootstrap/css/bootstrap.min.css?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/themes/dentalia/dev-js/functions.js?ver=5.3.14
200 OK 0 B URL HTTP/2 www.medinain.com/wp-content/themes/dentalia/dev-js/functions.js?ver=5.3.14
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dentalia/dev-js/functions.js?ver=5.3.14 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Apr 2019 00:03:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.medinain.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
200 OK 0 B URL HTTP/2 www.medinain.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1
Host: www.medinain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medinain.com/wp-admin/pp/?i=i&0=riker_lee@slurpmail.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2019 11:06:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 20:15:10 GMT
server: Apache
X-Firefox-Spdy: h2
192.185.115.123
157.240.194.21
93.184.220.29
104.22.25.131
23.33.119.27