r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 06 Feb 2023 06:18:44 GMT
Date: Mon, 06 Feb 2023 03:56:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11780
Expires: Mon, 06 Feb 2023 07:12:20 GMT
Date: Mon, 06 Feb 2023 03:56:00 GMT
Connection: keep-alive
theforceawakenstoys.com/vBulletin/core/cach
104.21.10.134 301 Moved Permanently 259 B URL HTTP/1.1 theforceawakenstoys.com/vBulletin/core/cach
IP 104.21.10.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 91425501ae08e7591ccf52f2bc5f8c2c
68eb526e0ab0f66b4786b15fd52964626f82df9f
34552280454512bd52003730abd0ff67ec68125e28e21df247d8e14af0c5e720
Analyzer Verdict Alert fortinet Malware
GET /vBulletin/core/cach HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 03:56:00 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://theforceawakenstoys.com/vBulletin/core/cach
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb1xW2HeAu9q%2F2cFzPexk3LYK8jKtvfvad7CY%2FpurDS6SUdXIaM71Q35xRmanutS%2BQaR2eKAvtO3GP%2FeIe1zLQXo2mXZGovioMMdcWKgxUuw2kAZzj2UJKpMA5qSN00nm4jiO4bo5T14Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7950f4135d0bb4ed-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 03:34:01 GMT
content-type: application/json
age: 1319
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18509
Expires: Mon, 06 Feb 2023 09:04:29 GMT
Date: Mon, 06 Feb 2023 03:56:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vs+tlwdOGxkEuKukvB7fjahVu1SOLebB/OSkJ87BbqE5qVYj8UrFuhcahUX6OE5K9VUKCwa3V4w=
x-amz-request-id: 0DE108T3BEE90A50
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 03:53:33 GMT
age: 147
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 03:56:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1c226f87a6ceef3923aaa0a84c06b608
d1c2dbf1d397471a11df963372b36e369069d223
4bcfb12d67093b77b3ca6fe4dabe8b4eeb1e28373375e32271a2a1989428cca9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:56:00 GMT
Server: ECS (amb/6B9D)
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 03:07:20 GMT
age: 2920
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2410
Expires: Mon, 06 Feb 2023 04:36:10 GMT
Date: Mon, 06 Feb 2023 03:56:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:56:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
theforceawakenstoys.com/wp-content/plugins/scVBConnector/scVBConnectorOverrideWP.css?ver=5.4.2
172.67.131.123 200 OK 29 B URL HTTP/2 theforceawakenstoys.com/wp-content/plugins/scVBConnector/scVBConnectorOverrideWP.css?ver=5.4.2
IP 172.67.131.123:0
Hash b8d2c08012a21bdd0463f9326ac0f283
ec2b6ff509cced0cb80d3c6e9376371bd05f4928
e65c0b5214b5b45306fa04ae09d0cf03ecb44429ec0a75e1715707e06be51aae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/scVBConnector/scVBConnectorOverrideWP.css?ver=5.4.2 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:00 GMT
content-type: text/css
content-length: 29
last-modified: Thu, 16 Jul 2020 20:07:29 GMT
etag: "1d-5aa949706e446"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfhYZQ69qTaZrPeldhEEItLD2eZwXtkYnv74zGmCw8iA%2FApy6%2Bn%2FLhE050KucKQ2cTvGm4Kb6wVk3L%2FFXw3V3i2j%2FdzqCmEN6dgo%2B4M6JU9cNXKlVTM5WbaBKj90YBI5Dji64BJU70fZzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4190b851c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800&subset=latin,latin-ext
142.250.74.138 200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800&subset=latin,latin-ext
IP 142.250.74.138:0
Hash db7b529740243dd2137d36927ca419e0
5415d780378030ff0fd1df6e7ac6f91e029f4b4b
fffd6d31bd69dadc12cf164339735fea08d421d612992c676c7e4753139a6b79
GET /css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 03:56:00 GMT
date: Mon, 06 Feb 2023 03:56:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.210.143.205 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.143.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MOYuxH5029hldLWJf2uGOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jTXlKAvpNKN2OUWzyS6YNT/j1aE=
theforceawakenstoys.com/wp-content/uploads/2015/06/Force-Awakens-logo-large-01.jpg
172.67.131.123 200 OK 1.4 MB URL HTTP/2 theforceawakenstoys.com/wp-content/uploads/2015/06/Force-Awakens-logo-large-01.jpg
IP 172.67.131.123:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 7535x2755, components 3\012- data
Size 1.4 MB (1364194 bytes)
Hash 7723d368c325a5ad833f111958200dfd
3f6a8c014a0c87d9cbf0e6fc50f47544fe8daf9b
dcbfbd0d62c35d964a280f7b411f8c64dab27d0651f67b264f5bc602de13825c
GET /wp-content/uploads/2015/06/Force-Awakens-logo-large-01.jpg HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: image/jpeg
content-length: 1364194
last-modified: Fri, 19 Jun 2015 19:08:49 GMT
etag: "14d0e2-518e3a76af240"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWVIRt8CyuDdP%2FAXANiyShPJHpx9sq9QVe7%2Bfi%2F4sZjnR%2FMYGK9NkLsHdfvGivzq8YWeTIvigSGT6QleVQ1aaG8AewxUDA9c8387FHyoU1kpXKSGrTfB0eR1gnV9J%2Byn4hfOvJgMAo5zJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4196ba01c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:56:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
theforceawakenstoys.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
172.67.131.123 200 OK 52 kB URL HTTP/2 theforceawakenstoys.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
IP 172.67.131.123:0
File type ASCII text, with very long lines (10942)
Hash ba8ed515a898db758e0508c7c590d63b
9422f56347d69730dc2da43e7d0b65e41ef178e1
a796c8b184593f14efe6e1e8f40828a907188cba4df56723cde0f657392e008b
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.2 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 17 Jul 2020 05:06:23 GMT
etag: W/"364d-5aa9c1e4da118"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzuLENZWjPGv9xkUAl9F3NKudnWRAZNK5w25SsX%2BfXFbaxTOVdiy%2FcWmRNvUgaBpgPXw4noKaOZAQQia4bLDqtH2Pb8tUgGLPD%2B%2FyYhHZWuiDxHB5DkTIh351PcJIL099VQ8SzF%2FPqlbnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4196b9f1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:56:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
theforceawakenstoys.com/wp-content/plugins/simple-embed-code/css/video-container.min.css?ver=5.4.2
172.67.131.123 200 OK 577 B URL HTTP/2 theforceawakenstoys.com/wp-content/plugins/simple-embed-code/css/video-container.min.css?ver=5.4.2
IP 172.67.131.123:0
File type ASCII text, with no line terminators
Hash d9f082a70046866ebf63f9bd9b14873e
4b2775fc4caf536db385083c3026df521c47d56d
7dac2743c386e57bae7cf9e347d8acbb8caea5c3badaf79d586a974522f77c69
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-embed-code/css/video-container.min.css?ver=5.4.2 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:00 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 19:31:04 GMT
etag: W/"dd-5c50f5d52ea57"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLslNRvipcJ%2Fe%2F8pg%2FK8bXoQFvshg4VK7f0uDBGt68Fcf5FYlKnWLcrUyAUBGkfiSskWmpn5RZ0qD0J6YZKA5zIdKHMhXhCvhMOqEFRLEE%2B96clkcyrU4Y8KDw0o7hq1V74KWkcxMGF6lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4190b861c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
172.67.131.123 200 OK 53 kB URL HTTP/2 theforceawakenstoys.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
IP 172.67.131.123:0
File type ASCII text, with very long lines (28088)
Hash 575fc0ecdb5517866736420316648067
275ee53bbbb25f72d3be6bc0b88e249264174725
25ffb5645abbeca7196a1f4a399640e375abc616b8977bd066bbd5261b9f96d9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.2 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: text/css
last-modified: Fri, 17 Jul 2020 05:06:23 GMT
etag: W/"d159-5aa9c1e4c418a"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW5dbk7XqTFDF0CquEUDfoAptec3LFfR0ltcOG2NXCkyb9rk4bUXJ7gGiXUpStcKVsCogFxghcRL%2BIsBlXJo8mArIEsZhukluKSbA8Q6%2BaMyUxVJEfE7%2FiDNLT%2B69ERx4PO4lHf0p%2Bc8Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4190b821c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=2.3.5
172.67.131.123 200 OK 15 kB URL HTTP/2 theforceawakenstoys.com/wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=2.3.5
IP 172.67.131.123:0
Hash 196b25b4299cec12bb0a4aa03f708d23
b23e3578fc51ea3cdb45d0d2a46fdc3ef0820b10
5f6b875cf44e94fb5ef2c2df01400c22d847f19471e7700a607ba2760078b0ae
GET /wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=2.3.5 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 18 Jun 2021 19:31:22 GMT
etag: W/"b266-5c50f5e6d5b5d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dI2SvrTKx2D2q%2FrKWDAu%2FaO5YFMNZ0L13yTC8wH8WWBn0KTyklqtvvabTHgqJcPSavCYZEUSjKOqx7xzosGbm6wW6Ql6W7dbOdTbEu3i4LRUu6EoDiFJ14JX6Iw6%2FWIFlDwDMI4Gq4qnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4197ba31c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js?key=669ce2e45e24dc22161c28d9b1c71950
54.230.111.60 200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js?key=669ce2e45e24dc22161c28d9b1c71950
IP 54.230.111.60:0
File type ASCII text, with very long lines (693)
Hash 5ba7d3fdae893214c48304ec6b0ac421
6743dfb5e963666faad66f2c5929be1631c209c7
711e737460423dcc8a878e2f8bf955eb781558eeac55fe9d2529410c27aaff2a
GET /api/vglnk.js?key=669ce2e45e24dc22161c28d9b1c71950 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28945
date: Thu, 02 Feb 2023 11:52:48 GMT
last-modified: Thu, 02 Feb 2023 11:51:40 GMT
etag: "5ba7d3fdae893214c48304ec6b0ac421"
cache-control: public, max-age=604800
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _XlkbtAfOeHBoy5rEi0b2E4Hg1hcnnSEJ05fhHv_2ylLrijP24UoMQ==
age: 316994
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/uploads/2015/06/2000px-Dueling_lightsabers.png
172.67.131.123 200 OK 538 kB URL HTTP/2 theforceawakenstoys.com/wp-content/uploads/2015/06/2000px-Dueling_lightsabers.png
IP 172.67.131.123:0
File type PNG image data, 2000 x 1600, 8-bit/color RGBA, non-interlaced\012- data
Size 538 kB (538289 bytes)
Hash a4b7177381f1f9ee0b03e85671bb02d8
75eadad270b759ac8906bf06e50a75c17d4b7038
9d960de7fc4cac9a0e8af89958d0a112f066cbb8ddcacb7a5feec6502e95cc9a
GET /wp-content/uploads/2015/06/2000px-Dueling_lightsabers.png HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: image/png
content-length: 538289
last-modified: Fri, 19 Jun 2015 17:27:54 GMT
etag: "836b1-518e23e82fa80"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNBcz7KBPCR5hACZfx1hsjeYcRQeOf0lTghTfxNawip3yVXiBLgsTePv6NGG3w%2BxjmoQ35YJ1YMV04utSBUszXdxvxuR6rnLHKA88UIvmcDqL2rUWRTGREIis2JXndr6hti6YJFQQPksJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f41f0cc61c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a05d7cb77db8ffd262ce14192b30872d
695f872bbd5da33d3f0ffcd454b21c5fd3879e9a
959f689a609dd2384320cec09f7e3c5b58fcb2e12147de2118ddbf2893b37d57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 03:56:01 GMT
Last-Modified: Mon, 06 Feb 2023 03:06:09 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bkpz4ZINTMwCQZAW1tGHHh_MuXK3gvW-nv5WXYBPVwMDQQ7g9PQM4w==
Age: 2992
api.viglink.com/api/ping
34.247.143.21 200 OK 242 B IP 34.247.143.21:0
File type ASCII text, with no line terminators
Hash 970e91673b25bf0caf2b6f9c9f74bc37
0bc77625d2448cfc43d38dd9e5c706dff61c28a2
15e921a16666251cd1734e1ebb2bdf0e6432e4f1399ea5c015a3784ae7ac43f5
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 155
Origin: https://theforceawakenstoys.com
Connection: keep-alive
Referer: https://theforceawakenstoys.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://theforceawakenstoys.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Mon, 06 Feb 2023 03:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 242
Connection: keep-alive
api.viglink.com/api/sync.js?key=669ce2e45e24dc22161c28d9b1c71950
34.247.143.21 200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=669ce2e45e24dc22161c28d9b1c71950
IP 34.247.143.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=669ce2e45e24dc22161c28d9b1c71950 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Mon, 06 Feb 2023 03:56:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
api.viglink.com/api/domains
34.247.143.21 200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.247.143.21:0
File type ASCII text, with no line terminators
Hash dde1eca1b07e5304bf0ba34257281954
df511130b4d97b310b8321781fa4c8343b60178f
c4cb4c2bb679fa49c4a67cd5b488a7752839ed53a5fcce1ca2bc709709626b7a
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 232
Origin: https://theforceawakenstoys.com
Connection: keep-alive
Referer: https://theforceawakenstoys.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://theforceawakenstoys.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Mon, 06 Feb 2023 03:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
api.viglink.com/api/domains
34.247.143.21 200 OK 57 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.247.143.21:0
File type ASCII text, with no line terminators
Hash 31796a9c9e9dc65e9559584b999cec15
ad35850a2b2c7940c2b460e049a66e00f35d25d8
6692acedb07ea9bfdc708f224db16b62fa97d9024800698975e6dc9d8cb51c6a
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 184
Origin: https://theforceawakenstoys.com
Connection: keep-alive
Referer: https://theforceawakenstoys.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://theforceawakenstoys.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Mon, 06 Feb 2023 03:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 57
Connection: keep-alive
api.viglink.com/api/sync.gif?key=669ce2e45e24dc22161c28d9b1c71950
34.247.143.21 200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=669ce2e45e24dc22161c28d9b1c71950
IP 34.247.143.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=669ce2e45e24dc22161c28d9b1c71950 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Mon, 06 Feb 2023 03:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13590
Expires: Mon, 06 Feb 2023 07:42:32 GMT
Date: Mon, 06 Feb 2023 03:56:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13590
Expires: Mon, 06 Feb 2023 07:42:32 GMT
Date: Mon, 06 Feb 2023 03:56:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13590
Expires: Mon, 06 Feb 2023 07:42:32 GMT
Date: Mon, 06 Feb 2023 03:56:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13590
Expires: Mon, 06 Feb 2023 07:42:32 GMT
Date: Mon, 06 Feb 2023 03:56:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13590
Expires: Mon, 06 Feb 2023 07:42:32 GMT
Date: Mon, 06 Feb 2023 03:56:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 21959
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:57:24 GMT
age: 21518
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f267c5cee67458c0f6ef42c4feb5217e
f5092ce77834e8f1f245b987204ff6a194c38ef6
84c5cde3d7e06e6dd32d1c98172606c8d912c7032a4677f8851e42e4b195e420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9451
x-amzn-requestid: 3f95347b-f0bf-43dd-90fc-5087bf0de607
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okJGUCoAMF0sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214d-53d6a2de41af72770b086196;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jmGGGqJoMe4zt4RqNID5Xo7SVaWVAIAYf9s9YcduklkfdFnYniULOA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:03 GMT
age: 21899
etag: "f5092ce77834e8f1f245b987204ff6a194c38ef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c145b7d4f95cca98f9b942a291c9d60
967e1da2df2ce864b1c67e28099c8b161810e240
01f3a9d99b735eb512dd8a251b926eccb05a960e03056fe0a50d4bad7fc4b5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6116
x-amzn-requestid: d6d032ad-c788-4b63-aab5-fdb9f110f86a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okcGmOoAMFp-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214f-172d50bc478a1fac5d4442cd;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2Hl7AlAxp405wt3wk8fRiEr3xMyslJjpKXgSlyU8Hvv23HogWQFvUg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:45 GMT
age: 20717
etag: "967e1da2df2ce864b1c67e28099c8b161810e240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 20708
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27b516a4bb5fa5512a31aa8de5f9706e
03aeba4fafc64130967d3645081426f81b5f7dd1
7e5d809bf4e1b6f7f25bf604c1e5efcaf2a442ebfb53397d65820ebb1eaf754a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: 4cae7b8e-f650-4d61-9f3d-8cce7410ba1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pOKFamIAMF4gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0225a-51cd8f5b2d810ad94f52a5e3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:40:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yaNeTyb18mHlIYKaEkTlsEcWsaofUSyTj-Y1FgeTNj3S1VRQ2U3agw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:01:13 GMT
age: 21289
etag: "03aeba4fafc64130967d3645081426f81b5f7dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 172.67.131.123:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 17 Jul 2020 05:06:23 GMT
etag: W/"2748-5aa9c1e4d870d"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQhKvtdWdZLFMNhy1PKvVh%2BKW9UVsMyuDLpxeUmIg9QmdqJUZMtVMGoOYLgqmUjiryvbjk%2BhuJ2ZVA4TEnMxhCLre9Ko99XpZhoKkNHamL26XQOr2BaobLUmtupRuuGKCjpbejLw6mIGUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4191b8d1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/themes/tfat/style.css?ver=2.3.5
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-content/themes/tfat/style.css?ver=2.3.5
IP 172.67.131.123:0
GET /wp-content/themes/tfat/style.css?ver=2.3.5 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: text/css
last-modified: Thu, 16 Jul 2020 19:49:19 GMT
etag: W/"49eb4-5aa945617229e"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd2WSJC6%2FerERToAGNuwgw1zEATSQ%2FXA%2FbEY9gXW7JcByRghmRgp3K3Pl794Vly57VgwEbKxzFrKXcA0bFBeJWlpkREE0p90ooa%2BcE%2FjdvwHwxURiFVSvkoiAIS9fYK0ivljg9Yi%2BWfzcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4190b891c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/plugins/scVBConnector/scVBConnectorCustom.css?ver=5.4.2
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-content/plugins/scVBConnector/scVBConnectorCustom.css?ver=5.4.2
IP 172.67.131.123:0
GET /wp-content/plugins/scVBConnector/scVBConnectorCustom.css?ver=5.4.2 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:00 GMT
content-type: text/css
last-modified: Thu, 16 Jul 2020 20:07:29 GMT
etag: W/"c6-5aa949706f14b"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFOr1pPeBgFQYq35AECJ9ZC8tv30A9xH5gHfJjQHmXw05CIGYiycu%2FWhLX9Djhtbqkxn4wPEoIT%2F5%2B5Nll76LUVeCvytcnYCAf8%2BexjB4S9muUz6XnCH7lWkhwFmWyIs2lfTOQTvuZ1LRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4190b841c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/themes/Divi/js/jquery.fitvids.js?ver=2.3.5
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-content/themes/Divi/js/jquery.fitvids.js?ver=2.3.5
IP 172.67.131.123:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/jquery.fitvids.js?ver=2.3.5 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 18 Jun 2021 19:31:22 GMT
etag: W/"b28-5c50f5e6d5b5d"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9Nhd4Vnmbp8ReeAkNKUJ82pmj1mDWIW%2FV4nWq9W54xuQMfRb3Vnd8GL1UrW7i7ZYgmyoAQhJIOzpmgiJEg8KEPEMcVX6jwUoPqJvY3VAqfM%2BEbqv7VoFeBVZGxbOt0ykCy1XSKmwQ4iiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4197ba11c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 172.67.131.123:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 17 Jul 2020 05:06:23 GMT
etag: W/"17a69-5aa9c1e4d7a08"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZrZBxsAKJgIkAswb3qvxPjAVqgBNKpXIAJEK6%2F9Pqz0IWjTp5DH%2BklarGDHoOgCnusSOhOvSz9jfVBRjcronuxFl5E8mMzQi0SAKPafZMAHhd5rKWrrpLDagCcA%2F6j90bXx%2FydNv5VE9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4191b8c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/themes/Divi/js/waypoints.min.js?ver=2.3.5
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-content/themes/Divi/js/waypoints.min.js?ver=2.3.5
IP 172.67.131.123:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/waypoints.min.js?ver=2.3.5 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 18 Jun 2021 19:31:22 GMT
etag: W/"1f73-5c50f5e6d5b5d"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGRzht64Z43nN%2FGCruLMfkiU1Get89lvGlOLCFkhB5tdJT2PuQNgnijk6fFox%2BkFd2gqxRh7F1B%2B0hVMZK%2FFdNGjwA6JQwzlWvrAsuV6FSgZTE25bs0RDyzmzfZJpkX%2FVlF4oVLyfNsKZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4197ba21c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/plugins/scVBConnector/scVBConnector.css?ver=5.4.2
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-content/plugins/scVBConnector/scVBConnector.css?ver=5.4.2
IP 172.67.131.123:0
GET /wp-content/plugins/scVBConnector/scVBConnector.css?ver=5.4.2 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: text/css
last-modified: Thu, 16 Jul 2020 20:07:29 GMT
etag: W/"7ca-5aa949706e446"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUetJR67G3Pcb4%2B0O0Atg9Pk3Bm5qToIquxSX4EaeEAt7IVC2i4kbXJmq9bfBo73gKipf3gbNddiL4alOsOSsObht3QRBneFlPmdQulTbXCOmqVxukw7aUK9tmHGEtZX01LBLPdIfJZZ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4190b831c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/vBulletin/core/cach
172.67.131.123 404 Not Found 0 B URL HTTP/2 theforceawakenstoys.com/vBulletin/core/cach
IP 172.67.131.123:0
Analyzer Verdict Alert fortinet Malware
GET /vBulletin/core/cach HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 03:56:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
link: <https://theforceawakenstoys.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWfUb5jh2LCWW%2Fx92nPNiXcZukw%2FiHBKMBONrAwGIYBT9jTusEMbMK%2Fq52svGJuk2vH882%2FfxQq6OsbyDO6AhjfW%2FnnBWbjj2sLtF%2B7AgAb8ttsaTHftjbJFcXGlL6NAX2NWV1zoHOUu0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7950f415bac51c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
IP 172.67.131.123:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.4.2 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 17 Jul 2020 05:06:23 GMT
etag: W/"59a-5aa9c1e4d9412"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5ezHnOyMU%2F4TXC7M1CEq31y%2BUQCcAL63UlL4jwHESJZ5Ko5Mf3lHue8gWFoKRABnY%2BXF%2BOlQjUESRUi%2FynX9v240RLwECvq8BDsvdzDI4vg02mYQCGeadS1plR2iACylvSyJ2oEPxSzJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4197ba51c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/themes/Divi/js/custom.js?ver=2.3.5
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-content/themes/Divi/js/custom.js?ver=2.3.5
IP 172.67.131.123:0
GET /wp-content/themes/Divi/js/custom.js?ver=2.3.5 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: application/javascript
last-modified: Fri, 18 Jun 2021 19:31:22 GMT
etag: W/"17fe3-5c50f5e6d5b5d"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsmUvqZjusKvBA%2Bqy5g4fCgEL3QSQojsr1W7pIlBSM%2FAX4c78ybnJBQIbIHE47qvGdrHIhWBnuuSNbIm278%2FBR6UkHqyZCmIwkr5LI8ZfBkebDEwExzSMka9sKRg3cXZUd2D%2F8XQzDXS9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4197ba41c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theforceawakenstoys.com/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0
172.67.131.123 200 OK 0 B URL HTTP/2 theforceawakenstoys.com/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0
IP 172.67.131.123:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0 HTTP/1.1
Host: theforceawakenstoys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theforceawakenstoys.com/vBulletin/core/cach
Cookie: PHPSESSID=qa378eet92skj8dctf5uev5mq3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:56:01 GMT
content-type: text/css
last-modified: Fri, 18 Jun 2021 19:31:22 GMT
etag: W/"f8e-5c50f5e6da97d"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2B5Apdu3VjxeakK%2F9oPC7gfIuH6uBnIbXpi9IVjguS3WO14eXTyFnF%2FaXvC5GaaA6UKxpTOf2JUiweA0xpLUqdCocaKYHAWyrsiPGx9cdTaeO6psn3DCBDoR2lxmoqmHQIpUM8BoRXAMZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7950f4191b8b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2