| demo2.cloudwp.dev/trial-46961z22/wp-content/plugins |  151.139.128.10 | 301 Moved Permanently | 0 B |
URL HTTP/1.1demo2.cloudwp.dev/trial-46961z22/wp-content/plugins IP151.139.128.10:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /trial-46961z22/wp-content/plugins HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 07 Jan 2023 11:05:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins
X-HW: 1673089554.cds236.sk1.h2,1673089554.cds261.sk1.c
Link: <http://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins>; rel="canonical"
Access-Control-Allow-Origin: *
x-sp-metadata: HS256.CKLA5Z0GEksKJGI2NjY5NmIyLWM3NzktNGRmNS04MzUxLTNiOTdhZjZhNGIyNxDYn4qBp9n7AhoGCJKk5Z0GIgw5MS45MC40Mi4xNTQot8QDMAIaKAgBEiQ5NGMzM2JjMi03YjgyLTQyZDctYTljNS01MDdhMjAyYjYxZmQiGAgCEhRjZHMyNjEuc2sxLmh3Y2RuLm5ldA==.cEXmL1/IHbjd23P8pxPWUGl+aLHhzRsp+70/xAJ6gKI=
Connection: keep-alive
Content-Length: 0
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash326898eb925368408f6f42ee173b9d89 b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8 96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5475
Expires: Sat, 07 Jan 2023 12:37:09 GMT
Date: Sat, 07 Jan 2023 11:05:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash516b9d6951b09439a51d5284994ed92f 5c78edb38bae36caa8e2db8ed6635a32e46c91dd eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8698
Expires: Sat, 07 Jan 2023 13:30:52 GMT
Date: Sat, 07 Jan 2023 11:05:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash600f7ba6e1a6fbbd176cd2df19b1e4d9 cdd72b25fd91ee980aba193b12e890096e4fe852 860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6764
Expires: Sat, 07 Jan 2023 12:58:38 GMT
Date: Sat, 07 Jan 2023 11:05:54 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 10:48:07 GMT
content-type: application/json
age: 1067
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1OKEc7KkjLrQC+qi4DG3S2XUHPf7j2cGTN3g9QdEPwV3GxVhi/ijbFgxCmJPsw8WLfvLFWMKP1DiJeYrVKxg9Q==
x-amz-request-id: Z4S4Y1TVRX61ESBC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 10:15:16 GMT
age: 3038
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 11:05:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 10:08:13 GMT
age: 3462
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash8589b6a84dd5a09ec546aff38bbd2515 1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7 f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 709
Cache-Control: max-age=166364
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 11:05:55 GMT
Etag: "63b9362a-1d7"
Expires: Mon, 09 Jan 2023 09:18:39 GMT
Last-Modified: Sat, 07 Jan 2023 09:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
|
|
| demo2.cloudwp.dev/favicon.ico | 151.139.128.10 | 200 OK | 1.2 kB |
URL HTTP/2demo2.cloudwp.dev/favicon.ico IP151.139.128.10:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash6af2b6286c753a22bf1dd95100bd3093 004c513c359ae3c57ed85910f27804def11e2d26 9a187b9fc2a7a7ebeae725b685c4a33848f94b2cf69d276a227401c10a268058
GET /favicon.ico HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; DGCC=fUS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 11:05:55 GMT
cache-control: max-age=30
content-length: 1189
content-type: image/x-icon
last-modified: Tue, 21 Apr 2015 20:19:14 GMT
accept-ranges: bytes
etag: "5536b0c2-4a5"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
set-cookie: DCST=pE9; path=/; HttpOnly; SameSite=Lax;
SPSI=00299b984332e3709833f890eaed0468; path=/; HttpOnly; SameSite=Lax;
SPSE=+24cU10j1Hmu9Bc7kT0rI5JUwBM7qA+F1NwfltfG/engg5I4Yr7e48n3naF541qdM9vfWgcArzpT68lSmpkQIw==; path=/; HttpOnly; SameSite=Lax;
x-sp-metadata: HS256.CKPA5Z0GEocBCiQ0MWZiNzAxNS03MTFlLTQ4MDQtYjE1Ny1iMTFlMDNlODI2MzIQ2J+KgafZ+wIaBgiSpOWdBiIMOTEuOTAuNDIuMTU0KNCrAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGikSJDI5MTMyZjJhLWUwZDYtNDMwMC1iZGY4LWJhYjcyYmEwYmI1NhilCSIaCAISFGNkczAxNS5zazEuaHdjZG4ubmV0GAg=.4kOFGokOf9Ng9d5wf4CDYi2UNnswS7IAa0GqVihWexo=
x-hw: 1673089554.cds203.sk1.hc,1673089554.cds015.sk1.sc,1673089555.cds015.sk1.pr
link: <https://demo2.cloudwp.dev/favicon.ico>; rel="canonical"
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.39.111.94 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.39.111.94:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n9PQfppNClH5W3LRzg70Tw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1q/45oBDSeAee+PXlciY9vqyHpY=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash8b64a17d9b8c33515817fc19dd6f60d7 a752305109964bc1ef3537debed9c40c44198cea 8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 11:05:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash8b64a17d9b8c33515817fc19dd6f60d7 a752305109964bc1ef3537debed9c40c44198cea 8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 11:05:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL HTTP/2fonts.gstatic.com/s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 22244, version 1.0\012- data Hash6a6b4d48d3990297f8feb86f96e8386e beef652f807f9bb675aed8738aead08fdea31611 70716a99384f70e8f55280615bf0ddf84d17c5561769e1671ee736bda8c2796a
GET /s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.cloudwp.dev
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 17:47:50 GMT
expires: Wed, 03 Jan 2024 17:47:50 GMT
cache-control: public, max-age=31536000
age: 321486
last-modified: Mon, 06 Oct 2014 20:36:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL HTTP/2fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 19516, version 1.65\012- data Hashd4ca8d74b0e60bc12aff23761498c73d 403689d08005fec559afc2f3070d5d2817d62595 25706f2aee8b387e4ce26b4cbcf4a6b79d385c1415f21baa41706fc7ed4520ea
GET /s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.cloudwp.dev
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 18:49:05 GMT
expires: Thu, 04 Jan 2024 18:49:05 GMT
cache-control: public, max-age=31536000
age: 231411
last-modified: Wed, 27 Aug 2014 15:24:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash8b64a17d9b8c33515817fc19dd6f60d7 a752305109964bc1ef3537debed9c40c44198cea 8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 11:05:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash457ca75ed75785c514fb36a16792410f fcc640c00713c93633d0b2887104c8fbc6c754f9 ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6926
Expires: Sat, 07 Jan 2023 13:01:22 GMT
Date: Sat, 07 Jan 2023 11:05:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash457ca75ed75785c514fb36a16792410f fcc640c00713c93633d0b2887104c8fbc6c754f9 ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6926
Expires: Sat, 07 Jan 2023 13:01:22 GMT
Date: Sat, 07 Jan 2023 11:05:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash457ca75ed75785c514fb36a16792410f fcc640c00713c93633d0b2887104c8fbc6c754f9 ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6926
Expires: Sat, 07 Jan 2023 13:01:22 GMT
Date: Sat, 07 Jan 2023 11:05:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash457ca75ed75785c514fb36a16792410f fcc640c00713c93633d0b2887104c8fbc6c754f9 ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6926
Expires: Sat, 07 Jan 2023 13:01:22 GMT
Date: Sat, 07 Jan 2023 11:05:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash457ca75ed75785c514fb36a16792410f fcc640c00713c93633d0b2887104c8fbc6c754f9 ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6926
Expires: Sat, 07 Jan 2023 13:01:22 GMT
Date: Sat, 07 Jan 2023 11:05:56 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5c619dc-4aba-44fa-b20f-5156f0b5ce48.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5c619dc-4aba-44fa-b20f-5156f0b5ce48.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5196aa81157b1c7f02a2aeec700cb184 f298bf34671800af23c78a4dcc14ff0ed60f48e8 ecdaf55df4565409bd6f6cb66a7272e9a6f3cee750437df658d4412827e0d042
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5c619dc-4aba-44fa-b20f-5156f0b5ce48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: 6871f0ab-096d-42bc-82c4-ed72871efd30
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4DgmF_EIAMF_Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acb2d0-551e264261f23a0f3afa9213;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 21:19:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BoHEdJaS8XPY5eqT7q4mdxypOsnxpFgvMoB5O8iKkMSiNicBZgz5mw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:49:53 GMT
age: 47763
etag: "f298bf34671800af23c78a4dcc14ff0ed60f48e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadd3e75d-3882-4f03-b3f3-9ee6d8c9e614.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadd3e75d-3882-4f03-b3f3-9ee6d8c9e614.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd7969a6b13e7b61ac8f3dd41697dc496 c453e493e0c5ed759440ae6a5fa9cb2d426c53e7 db236f4f50a187bfda4c25c98d9cd29306f3e36973217c92821cf59e495b7208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadd3e75d-3882-4f03-b3f3-9ee6d8c9e614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6437
x-amzn-requestid: 52721f5f-175a-411f-ab50-e9af4c8dbcc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxEpHrCIAMFSdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89550-1fff65c32b4545ce5dfe9ca5;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: A4nhfHxlz62wMNC6iqRAy5Jwjm3nrVj30fGIcviCwjlz_xV_YPV82Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:49 GMT
age: 47887
etag: "c453e493e0c5ed759440ae6a5fa9cb2d426c53e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31bc11ee-d473-4118-9434-3dd149282464.webp | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31bc11ee-d473-4118-9434-3dd149282464.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf83db2c3a907629e06bd60b97d98b436 e7adc7c3fc446bb4b78eef410b5d2a573b50bc6f 800cf7ed947e2a8046b0008d7998d79d9f8e47c6add076da789bf2bf0bda40ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31bc11ee-d473-4118-9434-3dd149282464.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6780
x-amzn-requestid: 3054b209-5d61-4f15-9522-c777bac9c7ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxMXEfYoAMF4WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89582-69265eda1930d43d59790083;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: -6EPhBDnwxBwW5rb-QO0EkO5S5APsCjSJIm52FYjl-_MyRbyiGasEg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:49 GMT
age: 47887
etag: "e7adc7c3fc446bb4b78eef410b5d2a573b50bc6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc9ea2a04001ae6e92e56682f186ffbc2 dea01d8485f04aba4dcae63eb073a76d242a0095 c71e983f9d53f96de3553eb78da4f6da141d3dd381b1a1d55061f9141d3a54b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5657
x-amzn-requestid: 4bb9764d-0119-4201-b4e1-f3193d436022
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxL5G-VoAMFblQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8957f-65d303390f3426bc006f23f3;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: x2J2pA3SunX-oqNpW1qO9rRvN4oylDoaKvx1WaQx_-BgHEo2YvvkZg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:27 GMT
age: 47909
etag: "dea01d8485f04aba4dcae63eb073a76d242a0095"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp | 34.120.237.76 | 200 OK | 14 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3356bee662c2ea20cbebff5293e73340 625cfd3806740998c859fef8c1153efea72f5342 cd973426a15b28fa2c141e927ebf4e12faa05665780a3cd5010f874769b336e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13620
x-amzn-requestid: 0858cbd0-5965-477b-9d5f-015243f86e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePk56F4JoAMF5Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b61b72-705a9ad403bb7795397926fd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 00:36:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DoKiNkOKV6r5zqczq2ckoyb9UJyMABXfyn6WE1NerYovg8yg-AeePQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 10:11:59 GMT
age: 3237
etag: "625cfd3806740998c859fef8c1153efea72f5342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe832123ea0c92a446b5894e75efc86ae bb438ca635b43819701067ef07a3d910ad29a0c7 e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 08:42:42 GMT
age: 8594
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/favicon.ico | 151.139.128.10 | 200 OK | 1.2 kB |
URL HTTP/2demo2.cloudwp.dev/favicon.ico IP151.139.128.10:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash6af2b6286c753a22bf1dd95100bd3093 004c513c359ae3c57ed85910f27804def11e2d26 9a187b9fc2a7a7ebeae725b685c4a33848f94b2cf69d276a227401c10a268058
GET /favicon.ico HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; DGCC=fUS; DCST=pE9; SPSI=00299b984332e3709833f890eaed0468; SPSE=+24cU10j1Hmu9Bc7kT0rI5JUwBM7qA+F1NwfltfG/engg5I4Yr7e48n3naF541qdM9vfWgcArzpT68lSmpkQIw==; spcsrf=eacf9d8ad9e9c130d56a601f80bb844b; UTGv2=h4306285e0f5dcb26d78e28e25c600386e65; sp_lit=eqp5Hxn6xZ/utpAuz3DYWA==; PRLST=em
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 11:05:56 GMT
cache-control: max-age=29
content-length: 1189
content-type: image/x-icon
last-modified: Tue, 21 Apr 2015 20:19:14 GMT
accept-ranges: bytes
etag: "5536b0c2-4a5"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
x-sp-metadata: HS256.CKTA5Z0GEocBCiRlODMwZjhmMy01OGNmLTQ2NDctOGNlMC0zMTFiNWU3NTE4NGQQ2J+KgafZ+wIaBgiUpOWdBiIMOTEuOTAuNDIuMTU0KOvIAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGisIARIkMmNhNDI1ZTgtNjZhOS00NWYxLWIwYWQtY2VmNTViZDFlMWQ4GKUJIhgIAhIUY2RzMDE1LnNrMS5od2Nkbi5uZXQ=.MywdIhJK5lwyvNbEY2P1Ou95M3oR+DUK/u9zuQtukgU=
x-hw: 1673089556.cds213.sk1.hc,1673089556.cds015.sk1.c
link: <https://demo2.cloudwp.dev/favicon.ico>; rel="canonical"
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/images/no-grid.svg | 151.139.128.10 | 200 OK | 748 B |
URL HTTP/2demo2.cloudwp.dev/images/no-grid.svg IP151.139.128.10:0
File typeSVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (799) Hashfcebd70ebc58ff18fc16d5046b8327e0 8f9b173ec90e8c044c36e8d3e433adcbbea347f6 518b8561325dbb40ab1b4e06724feff581982bf209e60b4b7cc54983b6dd577b
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /images/no-grid.svg HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; DGCC=fUS; DCST=pE9; SPSI=00299b984332e3709833f890eaed0468; SPSE=+24cU10j1Hmu9Bc7kT0rI5JUwBM7qA+F1NwfltfG/engg5I4Yr7e48n3naF541qdM9vfWgcArzpT68lSmpkQIw==; spcsrf=eacf9d8ad9e9c130d56a601f80bb844b; UTGv2=D-h4306285e0f5dcb26d78e28e25c600386e65; sp_lit=eqp5Hxn6xZ/utpAuz3DYWA==; PRLST=em
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 11:05:57 GMT
etag: "1480970958"
cache-control: max-age=30
content-encoding: gzip
content-length: 748
content-type: image/svg+xml
last-modified: Mon, 05 Dec 2016 20:49:18 GMT
accept-ranges: bytes
x-proxy-cache: MISS
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
x-sp-metadata: HS256.CKXA5Z0GEocBCiRmOTk2MWEyMy0wYTY4LTRlNTMtOGVlYS04MTM0MzQyZDY1NWIQ2J+KgafZ+wIaBgiUpOWdBiIMOTEuOTAuNDIuMTU0KOvIAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGikSJDE4NzAzYTk1LTRiMWEtNDllZC1hOGU2LWViMTlkMjU0NGEyNRjsBSIaCAISFGNkczIyMi5zazEuaHdjZG4ubmV0GAg=.OEwU1JGS0t4i3bTKV96cXPPlVBYsOVKy0zATGFhP8+w=
x-hw: 1673089556.cds213.sk1.hc,1673089556.cds222.sk1.sc,1673089557.cds222.sk1.pr
link: <https://demo2.cloudwp.dev/images/no-grid.svg>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg | 151.139.128.10 | 200 OK | 1.8 kB |
URL HTTP/2demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg IP151.139.128.10:0
File typeSVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (4396), with no line terminators Hash5e37ed8b16c8e17b3d2da3c160274f74 a6f17c0b1d96de15eabe44d39133be2a72e3b800 a73c7101f349ebad8c84b448946034f907d4c6f7d384c5dd77b389a4ec14e266
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /images/boldgrid-logo-vertical-black.svg HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; DGCC=fUS; DCST=pE9; SPSI=00299b984332e3709833f890eaed0468; SPSE=+24cU10j1Hmu9Bc7kT0rI5JUwBM7qA+F1NwfltfG/engg5I4Yr7e48n3naF541qdM9vfWgcArzpT68lSmpkQIw==; spcsrf=eacf9d8ad9e9c130d56a601f80bb844b; UTGv2=D-h4306285e0f5dcb26d78e28e25c600386e65; sp_lit=eqp5Hxn6xZ/utpAuz3DYWA==; PRLST=em
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 11:05:57 GMT
etag: "1480711858"
cache-control: max-age=30
content-encoding: gzip
content-length: 1806
content-type: image/svg+xml
last-modified: Fri, 02 Dec 2016 20:50:58 GMT
accept-ranges: bytes
x-proxy-cache: MISS
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
x-sp-metadata: HS256.CKXA5Z0GEocBCiQwNjg4MjAxOS1mNGYyLTQyYzQtYTM5Mi04MTE0NDVhMTljMTEQ2J+KgafZ+wIaBgiUpOWdBiIMOTEuOTAuNDIuMTU0KOvIAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGikSJDFkNTdmNWE5LThhNGYtNGM4Ni04NmIzLTkxZTU4NWE1OWQ4ZRiODiIaCAISFGNkczAxNi5zazEuaHdjZG4ubmV0GAg=.KDA7CJi1dMnwAK53doqVzCrQR7peOwFQVcYd8rX57b8=
x-hw: 1673089556.cds213.sk1.hc,1673089556.cds016.sk1.sc,1673089557.cds016.sk1.pr
link: <https://demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/trial-46961z22/wp-content/plugins | 151.139.128.10 | 200 OK | 0 B |
URL HTTP/2demo2.cloudwp.dev/trial-46961z22/wp-content/plugins IP151.139.128.10:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /trial-46961z22/wp-content/plugins HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 07 Jan 2023 11:05:54 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html
last-modified: Fri, 02 Jan 1970 08:00:00 GMT
set-cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; path=/; SameSite=Lax;
DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; path=/; SameSite=Lax;
x-accel-expires: 0
server: fbs
link: <https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins>; rel="canonical"
x-hw: 1673089554.cds262.sk1.hn,1673089554.cds261.sk1.sc,1673089554.cdn2-wafbe01-arn1.stackpath.systems.-.w,1673089554.cds261.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CKLA5Z0GEoYBCiQwYmRiZjRjNy00N2E0LTQyZjUtOWY2ZC03MmUwMzY0M2ExNzgQ2J+KgafZ+wIaBgiSpOWdBiIMOTEuOTAuNDIuMTU0KPtqMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaJhIkODIzOGQyNjctYWJmZC00NTBjLTk3ODItZGMxYzI1MjZiYTJmIhoIAhIUY2RzMjYxLnNrMS5od2Nkbi5uZXQYCA==.DFOTde1LAjaJklSQiECYxgOtpmvVO907k48Vo4qu9cI=
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/trial-46961z22/wp-content/plugins | 151.139.128.10 | 301 Moved Permanently | 0 B |
URL HTTP/2demo2.cloudwp.dev/trial-46961z22/wp-content/plugins IP151.139.128.10:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /trial-46961z22/wp-content/plugins HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; DGCC=fUS
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 07 Jan 2023 11:05:55 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=iso-8859-1
set-cookie: DCST=pE9; path=/; HttpOnly; SameSite=Lax;
SPSI=c91310fae7a3908f05f0cad1fa112252; path=/; HttpOnly; SameSite=Lax;
SPSE=+24cU10j1Hmu9Bc7kT0rI0sgLhfOHd4b6fUd6hE/CCN0UH5M7sdnOmkpH0+pCew+dSRDupgrZuF+jtRUTwXE7A==; path=/; HttpOnly; SameSite=Lax;
spcsrf=58dd3b53e1d56ada3ea794572f5fa054; path=/; SameSite=Strict; HttpOnly; expires=Sat, 07-Jan-23 13:05:54 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h4466528f0c08b97a76ca4fb7097f3c2ff28; path=/; SameSite=Lax; expires=Thu, 06-Jul-23 11:05:54 GMT
location: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
x-proxy-cache: MISS
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
server: fbs
link: <https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins>; rel="canonical"
x-hw: 1673089554.cds203.sk1.hc,1673089554.cds261.sk1.sc,1673089555.cdn2-wafbe01-arn1.stackpath.systems.-.wx,1673089555.cds261.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CKPA5Z0GEocBCiRhMjM0Y2RjNy02MzdhLTRkM2YtOTQwOS1mMDUzYWZiY2Q2MDAQ2J+KgafZ+wIaBgiSpOWdBiIMOTEuOTAuNDIuMTU0KNCrAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGikSJGE0OTE1YjdmLTBiY2QtNGI5ZS1iMzQ0LTg0ODI0MmUwMWI0NhiMAiIaCAISFGNkczI2MS5zazEuaHdjZG4ubmV0GAg=.VMJqQ4Blg6O1n8PjFen20zmGNbeYqdGFPqOwiIKjI4I=
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/sbbi/?sbbpg=sbbShell&gprid=em&sbbgs=h4306285e0f5dcb26d78e28e25c600386e65&ddl=-10 | 151.139.128.10 | 200 OK | 0 B |
URL HTTP/2demo2.cloudwp.dev/sbbi/?sbbpg=sbbShell&gprid=em&sbbgs=h4306285e0f5dcb26d78e28e25c600386e65&ddl=-10 IP151.139.128.10:0
GET /sbbi/?sbbpg=sbbShell&gprid=em&sbbgs=h4306285e0f5dcb26d78e28e25c600386e65&ddl=-10 HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; DGCC=fUS; DCST=pE9; SPSI=00299b984332e3709833f890eaed0468; SPSE=+24cU10j1Hmu9Bc7kT0rI5JUwBM7qA+F1NwfltfG/engg5I4Yr7e48n3naF541qdM9vfWgcArzpT68lSmpkQIw==; spcsrf=eacf9d8ad9e9c130d56a601f80bb844b; UTGv2=h4306285e0f5dcb26d78e28e25c600386e65; sp_lit=eqp5Hxn6xZ/utpAuz3DYWA==; PRLST=em
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 11:05:56 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
link: <https://demo2.cloudwp.dev/sbbi/>; rel="canonical"
x-hw: 1673089556.cds213.sk1.hc,1673089556.cds220.sk1.sc,1673089556.cdn2-wafbe04-arn1.stackpath.systems.-.i,1673089556.cds220.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CKTA5Z0GEocBCiQ2NTdkNTAwOC1kOGNmLTQyNzItOTc1MC05ZGVlOWM5NjFiYWUQ2J+KgafZ+wIaBgiUpOWdBiIMOTEuOTAuNDIuMTU0KOvIAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGiYSJGFiZDZmZjdkLTQ0YTAtNDgyNi04ZDk5LTNmYjQwZmE2OTBkYSIaCAISFGNkczIyMC5zazEuaHdjZG4ubmV0GAg=.rfQrYPGOF6yzGiKr4Y9/7k8Dw3fgm1n6Tb32q3F3QLk=
X-Firefox-Spdy: h2
|
|
| demo2.cloudwp.dev/sbbi/?sbbpg=utMedia&vii=ch9413301602f8a5ee70af359d0c8bf2065df708cea2d81ef2a51c1620205328m6oem6q5 | 151.139.128.10 | 200 OK | 0 B |
URL HTTP/2demo2.cloudwp.dev/sbbi/?sbbpg=utMedia&vii=ch9413301602f8a5ee70af359d0c8bf2065df708cea2d81ef2a51c1620205328m6oem6q5 IP151.139.128.10:0
GET /sbbi/?sbbpg=utMedia&vii=ch9413301602f8a5ee70af359d0c8bf2065df708cea2d81ef2a51c1620205328m6oem6q5 HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/trial-46961z22/wp-content/plugins/
Cookie: DSR=y2UR3uTfTU0eMM3ZHgTo9YhJOwcgyTETNhsd6kjvC8bO5CfxODucbdDtRzTDsXM07WfjGYd/TSH1KZS57egyqQ==; DCSS=D79EEAFC7E3680AE84E7916F220A7DD2EE0D147; DGCC=fUS; DCST=pE9; SPSI=00299b984332e3709833f890eaed0468; SPSE=+24cU10j1Hmu9Bc7kT0rI5JUwBM7qA+F1NwfltfG/engg5I4Yr7e48n3naF541qdM9vfWgcArzpT68lSmpkQIw==; spcsrf=eacf9d8ad9e9c130d56a601f80bb844b; UTGv2=h4306285e0f5dcb26d78e28e25c600386e65; sp_lit=eqp5Hxn6xZ/utpAuz3DYWA==; PRLST=em
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 11:05:56 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-type: image/gif
server: fbs
x-accel-expires: 0
link: <https://demo2.cloudwp.dev/sbbi/>; rel="canonical"
x-hw: 1673089556.cds213.sk1.hc,1673089556.cds009.sk1.sc,1673089556.cdn2-wafbe04-arn1.stackpath.systems.-.i,1673089556.cds009.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CKTA5Z0GEocBCiRmZDQwMjI1MC1jZjk0LTRjNTEtYjM2OC1lMzJlMzFkMjU5N2YQ2J+KgafZ+wIaBgiUpOWdBiIMOTEuOTAuNDIuMTU0KOvIAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGIyZTMyMTQ2MDdjMjc0ZTNiNzJmMTQ0NzFhMGFkZDlkGiYSJGEwYjNhZGNmLWYzMTktNDU2YS05Y2MyLTJkNjg1ZWI5ZTkyNiIaCAISFGNkczAwOS5zazEuaHdjZG4ubmV0GAg=.Z66+9p+ESBoS4J7qyxn1b0u04TuZ5uzK7xOpR3fiaqA=
X-Firefox-Spdy: h2
|
|
0.0.0.0