r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6874
Expires: Thu, 10 Nov 2022 04:40:03 GMT
Date: Thu, 10 Nov 2022 02:45:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: max-age=117342
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:29 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:21:11 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: max-age=117342
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:29 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:21:11 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10043
Expires: Thu, 10 Nov 2022 05:32:52 GMT
Date: Thu, 10 Nov 2022 02:45:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 02:43:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nZDkEWmBdxEAJ3+eDS/Yf58tjlGlxyXQ0yZIkDUyxU4a+eXbqFd/icZmf40Nr1hMml2vZZYiyO4=
x-amz-request-id: NZTF19ADDRPT9WA7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 01:49:12 GMT
age: 3377
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 02:45:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
workingtogethercol.org/
45.33.119.221301 Moved Permanently 0 B IP 45.33.119.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 10 Nov 2022 02:45:28 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://workingtogethercol.org/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4949
Cache-Control: max-age=114229
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:29 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:29:18 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oAE4SKPr4yPbptgSRQli+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TN/luSM9CH6zb6o4pb+SdyRCl+g=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
workingtogethercol.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
45.33.119.221200 OK 4.9 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 4933
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/css/classic-themes.min.css?ver=1
45.33.119.221200 OK 217 B URL HTTP/2 workingtogethercol.org/wp-includes/css/classic-themes.min.css?ver=1
IP 45.33.119.221:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:09:30 GMT
accept-ranges: bytes
content-length: 217
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
45.33.119.221200 OK 2.6 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (2630), with no line terminators
Hash eade318fbed91c096467dffa56406638
69d306a2097e792f99c80a5e0bb8863260399cad
d589803f3ab380582ab137b22493c2bacaa92424fa88cee212e80288cac11fbb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:42 GMT
accept-ranges: bytes
content-length: 2630
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6
45.33.119.221200 OK 9.3 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6
IP 45.33.119.221:0
File type ASCII text, with very long lines (9281), with no line terminators
Hash 57a347480fbe0b3d235993f4f1ec3b2c
ec01673e887c236765156496c7d00111238554d8
9097a2c579616889e829be95554ebf90ec5900045f4d2282cce31d5a999acc03
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 9281
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
45.33.119.221200 OK 31 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (30441)
Hash d3ec229e04c8634c88cc4cb3f2934c11
785cb4beecaad98329fff0a54f9a5536cda200ab
73835f9dd494931cd0562ab2d4db8aaf3d54dca375abade1794ad1a12ae0d97c
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:42 GMT
accept-ranges: bytes
content-length: 30603
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.7.0
45.33.119.221200 OK 29 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.7.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (29253), with no line terminators
Hash 0826f9aa4b7e761ea6044f29ba8e432a
7d3bec8f54ca99e00442ca3ae0026153376f80be
1cc1d2811dc382e9ea8c475cd9ad79b20227fb8a33e6b5225587f58134d99b77
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.7.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:42 GMT
accept-ranges: bytes
content-length: 29253
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1
45.33.119.221200 OK 95 kB URL HTTP/2 workingtogethercol.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (47826)
Hash 4cdcd4a2c77fccb74825eaf2d6733091
00d4ad404f681af9044bb4cc6ed5e2e9f641cc4a
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:09:30 GMT
accept-ranges: bytes
content-length: 94821
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
45.33.119.221200 OK 210 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 45.33.119.221:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 210 kB (209831 bytes)
Hash 9ed8fcb16418ff477a6c93fe33f86563
47be642692139a2ce63cf655cba31767cb7e8074
3f7c8f55c3c421a6f14efb39bf07abb73d1d244f194e133a2453913330e38819
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 209831
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
45.33.119.221200 OK 3.8 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
IP 45.33.119.221:0
Hash 9c6b63558e5de592c160563dbe08dd0d
e4969ab55cc566759623f6b4e1c7d6b3bcdc21cd
14a77bc82e039ce4be0d9ba9b0237495b0a9578d34eb92d444093d440f6190ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:40 GMT
accept-ranges: bytes
content-length: 3812
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0
45.33.119.221200 OK 992 B URL HTTP/2 workingtogethercol.org/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0
IP 45.33.119.221:0
Hash 787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:34 GMT
accept-ranges: bytes
content-length: 992
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
45.33.119.221200 OK 18 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 17809
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
45.33.119.221200 OK 2.7 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 45.33.119.221:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:26 GMT
accept-ranges: bytes
content-length: 2731
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/themes/save-life/css/font-face/GoodDog/stylesheet.css?ver=6.1
45.33.119.221200 OK 284 B URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/css/font-face/GoodDog/stylesheet.css?ver=6.1
IP 45.33.119.221:0
Hash 8e40f1e57ed67b7f3dc20d23ee0d1985
b97cf2b12ab4550ec6bd644ffaaf8dc53a7a5a13
c0a1bcf4b149ea89eb106cb7fd293f5cf07b380cb65513df57c76ca8bd713830
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/save-life/css/font-face/GoodDog/stylesheet.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:00:50 GMT
accept-ranges: bytes
content-length: 284
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1
45.33.119.221200 OK 4.2 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 08 Jun 2019 07:15:02 GMT
accept-ranges: bytes
content-length: 4186
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1
45.33.119.221200 OK 19 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 04:26:25 GMT
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
45.33.119.221200 OK 3.0 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 45.33.119.221:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 3037
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/trx_addons/js/magnific/magnific-popup.css
45.33.119.221200 OK 7.3 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/js/magnific/magnific-popup.css
IP 45.33.119.221:0
File type ASCII text, with CRLF line terminators
Hash c03fe8704d90e35eba342d2ca2c5a530
74a41372d833195b77dd9e167f82ca395cc4702d
1155981e8193622f58553eed0bba2fa43512af362a3d54dedef64c46970bb371
GET /wp-content/plugins/trx_addons/js/magnific/magnific-popup.css HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 7302
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
45.33.119.221200 OK 9.5 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 9533
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.14
45.33.119.221200 OK 13 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.14
IP 45.33.119.221:0
Hash 4045fbc98e0caae7e213f52330c52c21
253b81dc846081e189174789220a296d96849681
168642741cf6acd34501d09c8cc1c7e6be332ca9222f3223419bd1664b381839
GET /wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.14 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:26 GMT
accept-ranges: bytes
content-length: 12663
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
45.33.119.221200 OK 11 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 45.33.119.221:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Sep 2020 02:23:06 GMT
accept-ranges: bytes
content-length: 11256
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.33.119.221200 OK 11 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.33.119.221:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/trx_addons/js/swiper/swiper.css
45.33.119.221200 OK 20 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/js/swiper/swiper.css
IP 45.33.119.221:0
File type ASCII text, with very long lines (1468), with CRLF line terminators
Hash 743fe7521d0b6e061e08b8a0b9b68d03
4a734584e843d64b9af3c6e208172275fbed152a
03dd1f03727f2ab5db6796a4dbdbb0f30ca200a1ea626295ef346920e840c674
GET /wp-content/plugins/trx_addons/js/swiper/swiper.css HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 20516
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1
45.33.119.221200 OK 1.2 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (1191), with no line terminators
Hash 51300497928562f8c86c7aaba99237cd
e5826832b85c6afc6502b74cbb8ac5394b04c363
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 04:26:25 GMT
accept-ranges: bytes
content-length: 1191
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1
45.33.119.221200 OK 906 B URL HTTP/2 workingtogethercol.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1
IP 45.33.119.221:0
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 2c6d3b562a48e0df5474999dd47e58fb
945220e990eb176c14e53cc663fb01e04e31b59f
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Jan 2021 00:05:18 GMT
accept-ranges: bytes
content-length: 906
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
45.33.119.221200 OK 2.1 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 2139
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
45.33.119.221200 OK 1.8 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 1834
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
45.33.119.221200 OK 2.9 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 2938
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
45.33.119.221200 OK 9.7 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 45.33.119.221:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:26 GMT
accept-ranges: bytes
content-length: 9720
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
45.33.119.221200 OK 18 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 45.33.119.221:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:09:30 GMT
accept-ranges: bytes
content-length: 17823
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.12.0
45.33.119.221200 OK 4.6 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.12.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (4605), with no line terminators
Hash 835ad06a1628a86c8c14947160caff1a
cdb2b9bc32e1961567a38537aa38e004de3a6d42
5b5ffd94d5fe01f62fcd7fbf7d2fa4b479b169409ef2238c043face232183492
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.12.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:40 GMT
accept-ranges: bytes
content-length: 4605
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
45.33.119.221200 OK 12 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 45.33.119.221:0
File type ASCII text, with very long lines (11827)
Hash 06a3b48689b0314af6c5da5b6ff27bfd
a98a815d90cba195409d39bd74d31b1e6f9dbf95
4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:40 GMT
accept-ranges: bytes
content-length: 11900
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/themes/save-life/js/superfish.js
45.33.119.221200 OK 7.0 kB URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/js/superfish.js
IP 45.33.119.221:0
Hash f9d05e09e25decde14b866e111961d9c
8e158e5e21983ae63784fccbe5b80809a8df68a0
2dfe5caba27a4d6bb517de3a082ec7889b732919945586f4a7aae68116fed632
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/save-life/js/superfish.js HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:00:50 GMT
accept-ranges: bytes
content-length: 6993
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
45.33.119.221200 OK 15 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 45.33.119.221:0
File type Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Hash 157f18464a93eab7fb62a7f3e618ac2c
f47727e80d529d6e4941fea32f2e8a8ee5008b8a
9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:42 GMT
accept-ranges: bytes
content-length: 14927
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2
45.33.119.221200 OK 6.0 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2
IP 45.33.119.221:0
File type ASCII text, with very long lines (6020), with no line terminators
Hash f0e02d544fa357e252f4d540618e7883
49efe8720be45685368287d6340611ec5c4f19ee
17f79ec17f9831fb729101c6df2d4bc41aba6d671cb05d3dd8dd53fdabd7a8bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Sep 2022 02:42:37 GMT
accept-ranges: bytes
content-length: 6020
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
45.33.119.221200 OK 6.5 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 45.33.119.221:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 04:26:25 GMT
accept-ranges: bytes
content-length: 6475
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.14
45.33.119.221200 OK 52 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.14
IP 45.33.119.221:0
Hash 0980d41921dd19f587a756dfd37f7241
33e2dfde06f0d59907363cfd44e92530ec57d7da
55be0279a70e3fba10c1bac51f946a69e2d3dcf03c9e1ede467b7fd20e2e0f5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.14 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:26 GMT
accept-ranges: bytes
content-length: 51945
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0
45.33.119.221200 OK 34 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (34217)
Hash ffb96099720dde6483d7cab290c543ee
1a6ece8eee36923d795cdf78674b47e7f1b8e94f
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.8.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:34 GMT
accept-ranges: bytes
content-length: 34399
content-type: text/css
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/trx_addons/js/magnific/jquery.magnific-popup.min.js
45.33.119.221200 OK 20 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/js/magnific/jquery.magnific-popup.min.js
IP 45.33.119.221:0
File type ASCII text, with very long lines (20087), with CRLF line terminators
Hash b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/trx_addons/js/magnific/jquery.magnific-popup.min.js HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 20219
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/revslider/public/assets/assets/dummy.png
45.33.119.221200 OK 68 B URL HTTP/2 workingtogethercol.org/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 45.33.119.221:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:28 GMT
accept-ranges: bytes
content-length: 68
content-type: image/png
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16347
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:45:31 GMT
Connection: keep-alive
workingtogethercol.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0
45.33.119.221200 OK 20 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (19905)
Hash 596d6e5d8400fd1e913f9adc21071f93
fee2d7a4ac08d5a522c2298a5ad3ed30ac9e62ec
159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:34 GMT
accept-ranges: bytes
content-length: 20124
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16347
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:45:31 GMT
Connection: keep-alive
workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.7.0
45.33.119.221200 OK 25 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.7.0
IP 45.33.119.221:0
File type HTML document, ASCII text, with very long lines (24731), with no line terminators
Hash 502ca2250b797193ecc051d0c323cbdd
3ba0ac15dad090633ddd4ac81472360692ad8bee
93a3315f4ee582595965f888b1381ac13f8fecb6b53df998495fbb4e759a5b1e
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.7.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:42 GMT
accept-ranges: bytes
content-length: 24731
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
45.33.119.221200 OK 63 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
IP 45.33.119.221:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 62755
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.14
45.33.119.221200 OK 58 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.14
IP 45.33.119.221:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 11188e3c0006d83216e161ae1d59c86e
158c7818f4d65b85bd613b35f81a5ff62972522b
6540abd4143b1bce02006ebb345dd9a4c6bb18e5580c529361b6e3e1b7b8522c
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.14 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:28 GMT
accept-ranges: bytes
content-length: 57704
content-type: text/css
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2917b487c605eb7f53d20ff3b4fbfef0
5dd8989fb1129638361c16ad2a1fde93a4c4aafd
aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NPKM_A-uSrNtoT6ScKmBXTdMNsunt3d6UAWSzhLPsSPewThG_a0N8Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 18141
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
45.33.119.221200 OK 22 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 45.33.119.221:0
File type HTML document, ASCII text, with very long lines (21538), with no line terminators
Hash d017e13d65b4c79d9a22a4ab9e6bcdf6
f766dedd77e0f910742439a102a23dbeade89299
2ef1fc50a9d78f044028f3ba7378c5bbec0188de74a5217491040f9ba435fca4
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 21538
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
45.33.119.221200 OK 56 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (56243)
Hash f7409f91a34ea35236d98702f4e69f4c
3a3c16cbb1114f8e210b87cf3102a99968bf6a26
04950e48cd4097fb4a540c3abcf445cd92d59bdf9ba40f49cfb180cc94387a2f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.8.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:34 GMT
accept-ranges: bytes
content-length: 56425
content-type: text/css
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16347
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:45:31 GMT
Connection: keep-alive
workingtogethercol.org/wp-content/plugins/trx_addons/css/trx_addons.animation.css?ver=6.1
45.33.119.221200 OK 86 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/css/trx_addons.animation.css?ver=6.1
IP 45.33.119.221:0
File type ASCII text, with CRLF line terminators
Hash d15378bff4238d25a916814f09dfedc2
659fce1e18a5a97762a0e7c4ca7f217c46581488
b321ff6d68390b2e2414b729d7e1836300ec0420cc34b7c0b4eef10ff1d3f3f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/trx_addons/css/trx_addons.animation.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 85785
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d68ac59950c3276cd8f92b777a004df1
94c0ee5c14e8e8cdf95883582ba8084cc5867f93
b02d6d61c1fae8260d1fc30c0a78ebbc3482a3aa0acafb58d8269942ff8e732b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7987
x-amzn-requestid: 6a465dcd-6a4e-49fb-9fa9-169678d39b5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlo7HBFIAMFSQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9f-4ffe8f2534aeaef73329a8cd;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:19 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gbK3hyzE9RBuLiIQHUrouV-Kqe6r2cTMLYauv9W0ych9irxQexKWAQ==
via: 1.1 637ef0a7bc474e9a314fa064b65e8082.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:53:35 GMT
age: 17516
etag: "94c0ee5c14e8e8cdf95883582ba8084cc5867f93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
45.33.119.221200 OK 90 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:09:30 GMT
accept-ranges: bytes
content-length: 89684
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 18141
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16347
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:45:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16347
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:45:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61e58563ce83ab22c1604920db81f8e5
71dc8a32634a72c2092ef90a4f46250599b523f6
ddbb9d12368a95d38b94398274524862a28da41f22062d0096ac0c7052e2ca3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9360
x-amzn-requestid: ab27926c-6cd1-4817-a5ff-aa47f666f337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpOGmjoAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca1-5835f3a814659500346d44e8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MrUvpMcxRPmksSmHQv-VIavSGtumJjPbrn4wleWN-9EXk-IUctJsgg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:57:48 GMT
age: 17263
etag: "71dc8a32634a72c2092ef90a4f46250599b523f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 18141
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bbc8b-170e-44bf-9cf8-490e5ad231ac.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bbc8b-170e-44bf-9cf8-490e5ad231ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27a7615d7b9bd0b91421dc5942e35225
e54517b318fb3c290c836e40acbaf35f3fc5fd73
ab609c243e8fbb3c736f0d202e93af8c3ee55ff264812f0e48e727051ec261cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bbc8b-170e-44bf-9cf8-490e5ad231ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6169
x-amzn-requestid: a52c3f4e-2125-490b-84d9-409e99cdca1a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlngHg7IAMF8ZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-64d32efe3d8d095255a1ea74;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_EL4tcBHaQ7zi3oWHkOOT6iWLMFWTi4wBSCywWzuK3IfhXvFBeH5A==
via: 1.1 332ef4544bd8b531e8f11abaa4197c08.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 18141
etag: "e54517b318fb3c290c836e40acbaf35f3fc5fd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/trx_addons/js/swiper/swiper.jquery.min.js
45.33.119.221200 OK 69 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/js/swiper/swiper.jquery.min.js
IP 45.33.119.221:0
File type ASCII text, with very long lines (32072), with CRLF line terminators
Hash f2f89081adcc0eabba52280466f3bb36
4380050e6b3ff059b19dec13d65ca02a916e7df5
edd1d42602d9c5cfae9967751ee3945607c80c24f946b063376458cfa169cb03
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/trx_addons/js/swiper/swiper.jquery.min.js HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 68628
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/themes/save-life/js/__scripts.js
45.33.119.221200 OK 80 kB URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/js/__scripts.js
IP 45.33.119.221:0
File type ASCII text, with very long lines (65384)
Hash 30f917f476a49936213b4a6f58eb345a
79b2714adf8f8331f5c15bc5aef699c930b75325
448f3515e293dd74bc413a269efab6137bbb37d4de4e2dd3ae52955de5017b24
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/save-life/js/__scripts.js HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 20:42:24 GMT
accept-ranges: bytes
content-length: 79689
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/trx_addons/css/trx_addons.css
45.33.119.221200 OK 188 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/css/trx_addons.css
IP 45.33.119.221:0
File type ASCII text, with very long lines (65389)
Size 188 kB (187567 bytes)
Hash 4853fcc2572ae1fc20306eeb0f15ac59
5412cda5d96a895cf8c6e577794009f977aa0d3e
949d46afe08a3c56e8021dac0edd866a912bad6c548d284ddb99fddcc2e31241
GET /wp-content/plugins/trx_addons/css/trx_addons.css HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 187567
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/trx_addons/js/trx_addons.js
45.33.119.221200 OK 116 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/js/trx_addons.js
IP 45.33.119.221:0
File type ASCII text, with very long lines (65389)
Size 116 kB (115603 bytes)
Hash 30ff015fb6084e01e0d5afbc2ed4e7cf
7e22a4429d9f5b01ecd014a6c5a1b6c4906d347b
29e1ea749f9ff7cb19aeca9519c2c2494e2bff2b4edc4d3a7474bad5eb52bb42
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/trx_addons/js/trx_addons.js HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 115603
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/essential-grid/public/assets/js/rbtools.min.js?ver=6.5.14
45.33.119.221200 OK 129 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/essential-grid/public/assets/js/rbtools.min.js?ver=6.5.14
IP 45.33.119.221:0
File type ASCII text, with very long lines (45108)
Size 129 kB (128668 bytes)
Hash 13c0e15e77282cb9a81d7ab1f7f6b956
a19812785e6871612d7e936b5d2889d10149637b
82c6e9fccae16e121eb4fd7800a79bca62d9bcfb760ca55e26bb4b441d48cb67
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-grid/public/assets/js/rbtools.min.js?ver=6.5.14 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:26 GMT
accept-ranges: bytes
content-length: 128668
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/themes/save-life/css/responsive.css?ver=6.1
45.33.119.221200 OK 177 kB URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/css/responsive.css?ver=6.1
IP 45.33.119.221:0
File type assembler source, ASCII text, with very long lines (652)
Size 177 kB (177430 bytes)
Hash cb0b7321e6b92c01f8ab7676e3bf91b8
493da5bca82ebdeea57476050ac0a74a677d1736
1ade4319a9e4c5d8d3cc3e059c3a8d0587f773fb3def1872d01499847724126f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/save-life/css/responsive.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:00:50 GMT
accept-ranges: bytes
content-length: 177430
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/themes/save-life/css/__styles.css?ver=6.1
45.33.119.221200 OK 221 kB URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/css/__styles.css?ver=6.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (65384)
Size 221 kB (221232 bytes)
Hash 25c0e81931b9e802d3089002b7a22e89
588a7cebc2f4872330bdbdd52d37865ff77fbb15
ca825b0a58a96e930c5843e0fe305faf239f290af4821cd20218d6d3b114c63d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/save-life/css/__styles.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 20:42:24 GMT
accept-ranges: bytes
content-length: 221232
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
45.33.119.221200 OK 158 kB URL HTTP/2 workingtogethercol.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP 45.33.119.221:0
File type ASCII text, with very long lines (65266)
Size 158 kB (158005 bytes)
Hash e53ec3d6e21be78115810135f5e956fe
523892839b88351523e0498ba881c4431197b54e
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 04:09:30 GMT
accept-ranges: bytes
content-length: 158005
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/
45.33.119.221200 OK 93 kB IP 45.33.119.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash d4143e88c2977b48f671a4c5b9395bb2
1d24b1fbbb86b764e245c7cea6e5f041a7a7b572
344419dda23291c9785bbd6f8c441cb2c071593a7370ffe0c90a8319323ed686
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://workingtogethercol.org/wp-json/>; rel="https://api.w.org/", <https://workingtogethercol.org/wp-json/wp/v2/pages/421>; rel="alternate"; type="application/json", <https://workingtogethercol.org/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://workingtogethercol.org/wp-json/tribe/events/v1/
x-tec-api-origin: https://workingtogethercol.org
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.14
45.33.119.221200 OK 385 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.14
IP 45.33.119.221:0
File type ASCII text, with very long lines (64288)
Size 385 kB (385173 bytes)
Hash e1127efba608518ff2ac4976e3706232
88214af265c867a3955d6b96619c6f614cb311fa
b893d1b1e1836ef5731a8e15b1a4e1536d147dfd9c9815414347a0c7db199119
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.14 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:28 GMT
accept-ranges: bytes
content-length: 385173
content-type: application/javascript
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
45.33.119.221200 OK 486 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
IP 45.33.119.221:0
File type ASCII text, with very long lines (65358)
Size 486 kB (485521 bytes)
Hash 78622094275696078e4f06007407e11d
d7f583d841c46bd24bd9134e20c645b14e6ec713
521457922129a04fbc4524021ac47021659a1e1931c5dfe1a0e13be5dcaaefba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:34 GMT
accept-ranges: bytes
content-length: 485521
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/themes/save-life/css/__colors.css?ver=6.1
45.33.119.221200 OK 577 kB URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/css/__colors.css?ver=6.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (65384)
Size 577 kB (577263 bytes)
Hash f5c90f92293e6e5424f91814c8819c57
645051d31da27e54b12db920331c0deeb1c3e125
d3817022ee87c317f94025865cbb17cc8f2bc5890ef4635fdaf76afbc6285649
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/save-life/css/__colors.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 20:42:24 GMT
accept-ranges: bytes
content-length: 577263
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/uploads/2022/03/Recurso-1.png
45.33.119.221200 OK 401 kB URL HTTP/2 workingtogethercol.org/wp-content/uploads/2022/03/Recurso-1.png
IP 45.33.119.221:0
File type PNG image data, 8258 x 2386, 8-bit/color RGBA, non-interlaced\012- data
Size 401 kB (401058 bytes)
Hash f110a19c91e51601399dc02bfcfecc6c
d3901bc993d875600d8dcaa29ad93f5028b5f850
e4257ab58fa510c157ae299ed44a0471c9fc1f107a2b94dc020d0e2bdefefca4
GET /wp-content/uploads/2022/03/Recurso-1.png HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 20:05:00 GMT
accept-ranges: bytes
content-length: 401058
content-type: image/png
date: Thu, 10 Nov 2022 02:45:31 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
45.33.119.221200 OK 7.0 kB URL HTTP/2 workingtogethercol.org/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
IP 45.33.119.221:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:36 GMT
accept-ranges: bytes
content-length: 7043
content-type: text/css
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://workingtogethercol.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 05:42:51 GMT
expires: Fri, 03 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 594161
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
216.58.207.195200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://workingtogethercol.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:14:39 GMT
expires: Tue, 07 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 192653
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
workingtogethercol.org/wp-content/uploads/2022/04/GOPR2187_1640275535609_2-scaled.jpg?id=1453
45.33.119.221200 OK 2.0 MB URL HTTP/2 workingtogethercol.org/wp-content/uploads/2022/04/GOPR2187_1640275535609_2-scaled.jpg?id=1453
IP 45.33.119.221:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 2560x1920, components 3\012- data
Size 2.0 MB (1952638 bytes)
Hash 99f90fe5c460de98e96594a78d354676
d57cc4c6679f5db10559efd5cbfa2b7cdc040102
a6d8c5cb6d87f2a970cc0d7ee190b90f5fb1f0c31adb371321a3bc2c4c045f10
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/04/GOPR2187_1640275535609_2-scaled.jpg?id=1453 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 07 Apr 2022 17:28:49 GMT
accept-ranges: bytes
content-length: 1952638
content-type: image/jpeg
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 10 Nov 2022 02:45:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash fa6287d10d5416e3eba31e22f29e0309
c1256c8ae9d50f959f6db1a639332cd85616a173
619c87f1827c9fda48ad5699290d402cf5375a71ac6c4f4135e7d7395852ea1f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 10 Nov 2022 02:45:33 GMT
server: ESF
cache-control: private
content-length: 31006
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 952f908d8283855a70460d2f6bbcaf22
be97447f1f50f0ad67d15aa07425979da1a12694
6337d6ace429d0bc53cfebab8592c92c449ae969d92545d87f432321b4b494c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
workingtogethercol.org/wp-content/uploads/2022/04/GOPR2386_1640457096575-scaled.jpg?id=1450
45.33.119.221200 OK 1.4 MB URL HTTP/2 workingtogethercol.org/wp-content/uploads/2022/04/GOPR2386_1640457096575-scaled.jpg?id=1450
IP 45.33.119.221:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 2560x1920, components 3\012- data
Size 1.4 MB (1366572 bytes)
Hash 719bb98968b5a7938946f8e10ebbef02
b5b7d755d226c6a8a1788387b116782b21f20804
7fe1dc16cc552f863c9f27b3c086ee9eb3ae8256158ab009973e74e9e651b0c3
GET /wp-content/uploads/2022/04/GOPR2386_1640457096575-scaled.jpg?id=1450 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 07 Apr 2022 16:44:21 GMT
accept-ranges: bytes
content-length: 1366572
content-type: image/jpeg
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36070)
Hash 7d6dc2989ad5a0a0590a37f1e0d2fb53
d8a8adcb74248ab834fa21e83d4935dd9a1ff4aa
92dfcdcf42525cfbe070b98ead507fa1cb2db11b4e5d390b64f04fc661c6515c
GET /js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:57:47 GMT
expires: Thu, 09 Nov 2023 18:57:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 28066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash bc576df12b61c9f920027c2aceb222eb
5f0dae8bff170339152888be7c8f15bc5a12a300
ec659bea707181e6f6527bd6e52e8f434fe6df7b2c22e8b75b8dcf37c764361f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
workingtogethercol.org/wp-content/uploads/2022/04/GOPR2378_1640457096575-scaled.jpg?id=1462
45.33.119.221200 OK 1.5 MB URL HTTP/2 workingtogethercol.org/wp-content/uploads/2022/04/GOPR2378_1640457096575-scaled.jpg?id=1462
IP 45.33.119.221:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 2560x1920, components 3\012- data
Size 1.5 MB (1491320 bytes)
Hash a496125f957f074f38283c8d9175b918
c35799ecbebb9082c7a2925cfa47a618cd586c55
8c11a665270e435023c20eb4deb2fe715bd8a820da67083f22a41ee6357f183d
GET /wp-content/uploads/2022/04/GOPR2378_1640457096575-scaled.jpg?id=1462 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 07 Apr 2022 19:12:11 GMT
accept-ranges: bytes
content-length: 1491320
content-type: image/jpeg
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/revslider/public/assets/assets/transparent.png
45.33.119.221200 OK 122 B URL HTTP/2 workingtogethercol.org/wp-content/plugins/revslider/public/assets/assets/transparent.png
IP 45.33.119.221:0
File type PNG image data, 300 x 200, 1-bit grayscale, non-interlaced\012- data
Hash 86c58b484b48eac285e131e8b55d2ce7
3d3ee4c137a6f36e5fbee31e21a4d08f2c38d20e
9603ffeb6772f1cf745e0097d5d6c046eaf16151e5bc521f20764bba5ddb7713
GET /wp-content/plugins/revslider/public/assets/assets/transparent.png HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:28 GMT
accept-ranges: bytes
content-length: 122
content-type: image/png
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/uploads/2022/03/cropped-Recurso-7-32x32.png
45.33.119.221200 OK 1.5 kB URL HTTP/2 workingtogethercol.org/wp-content/uploads/2022/03/cropped-Recurso-7-32x32.png
IP 45.33.119.221:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 27d9dc8a5e318cf63e654bb6b1d8e91e
abe680c9f3720e7166957fd45a42f5075ca936f3
a7f0d80d8d07b8023189b01b6681ec5d1667fe2e44b616bf73a4b0d89eb75d85
GET /wp-content/uploads/2022/03/cropped-Recurso-7-32x32.png HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 20:03:37 GMT
accept-ranges: bytes
content-length: 1544
content-type: image/png
date: Thu, 10 Nov 2022 02:45:33 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/uploads/2022/03/cropped-Recurso-7-192x192.png
45.33.119.221200 OK 13 kB URL HTTP/2 workingtogethercol.org/wp-content/uploads/2022/03/cropped-Recurso-7-192x192.png
IP 45.33.119.221:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7d067e24c99b3d6f1cd7391bec19e9eb
27a0e6cda3fe938640addeb68359f84d202a4555
edce40b6d8b2b1eb7006f2355d7a9d008c6c3ed3aa8f2799b261e69db305028c
GET /wp-content/uploads/2022/03/cropped-Recurso-7-192x192.png HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 20:03:37 GMT
accept-ranges: bytes
content-length: 12763
content-type: image/png
date: Thu, 10 Nov 2022 02:45:33 GMT
server: Apache
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 10 Nov 2022 02:45:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 65c854479d99fefa14aeb66e7ce8d957
2ff7a98008a3893bc0588eb73364f44de183fb9f
c3d81a90759b99c2fe4fca549e65fd97c60a4e96a72d914c220a4e52018d05c4
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1012
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 10 Nov 2022 02:45:34 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 396816
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
workingtogethercol.org/wp-admin/admin-ajax.php
45.33.119.221200 OK 16 kB URL HTTP/2 workingtogethercol.org/wp-admin/admin-ajax.php
IP 45.33.119.221:0
Hash da773564c36b6342b2713e8b1ada3561
5999394a41bd70ec7fc9bc417a7a4e44052c3e33
72091659aa4ccd5df9b2e330c20a68c745fd14f31601049ab4ec96b513ae5feb
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 56
Origin: https://workingtogethercol.org
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://workingtogethercol.org
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/?wc-ajax=get_refreshed_fragments
45.33.119.221200 OK 967 B URL HTTP/2 workingtogethercol.org/?wc-ajax=get_refreshed_fragments
IP 45.33.119.221:0
Hash c77465ab04fee76f9bbe7f9d0e9204e9
f8810086988987675fb315d07b52fceb33d40243
d96bc1f2a802510e8f1ffbe2ca739d13e6042487487821696b5bfa9a66043686
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://workingtogethercol.org
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://workingtogethercol.org
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
i.ytimg.com/vi/YroIxCY448U/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARhlIE8oTjAP&rs=AOn4CLDvQgytbTE7QU3HSVnoQOwpQjA3Iw
142.250.74.54200 OK 1.9 kB URL HTTP/2 i.ytimg.com/vi/YroIxCY448U/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARhlIE8oTjAP&rs=AOn4CLDvQgytbTE7QU3HSVnoQOwpQjA3Iw
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash d79b7c437f3584d7f99ab610ade70e8d
8e0b0e7d2b9f4b1f3374f54813251f56f56f7c46
fb47fe3db41e8a38879a2441daa04cd27f8c92b32a60160b552f31e4716cc96e
GET /vi/YroIxCY448U/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARhlIE8oTjAP&rs=AOn4CLDvQgytbTE7QU3HSVnoQOwpQjA3Iw HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 1942
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 02:45:34 GMT
expires: Thu, 10 Nov 2022 04:45:34 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 24f7571e306d068f1f196a316eb95c9b
b0afe7bf2d22d3e30eb97ef7ee160e1fe1e0c114
82e26881a116c8484b307b9b45aac1c09078231c57941bbaa506b1708e1389b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/YroIxCY448U/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyhOMA8=&rs=AOn4CLAtNiyUF0w2gMf3C2SN9hirRjoBjg
142.250.74.54200 OK 81 kB URL HTTP/2 i.ytimg.com/vi/YroIxCY448U/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyhOMA8=&rs=AOn4CLAtNiyUF0w2gMf3C2SN9hirRjoBjg
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 5ce33af3ab4367e51f5c0c0d68345b98
e9ee20ce8ea581eac5b5d1ea70472ac042b3ed87
5460e4f5c669ae91a38f4f6a44a15a95be9979369763881d2e52d85684ae4777
GET /vi/YroIxCY448U/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyhOMA8=&rs=AOn4CLAtNiyUF0w2gMf3C2SN9hirRjoBjg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 80875
date: Thu, 10 Nov 2022 02:45:34 GMT
expires: Thu, 10 Nov 2022 04:45:34 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 28 kB IP 142.250.74.35:0
Hash 4f33a486f4192ff6e446a1eedebc9e2c
dfdf72a90e20b803028997eed9cf852ee883ca12
a035c3176ed3f2a275345c00deaeaf0f8a0a6e54142a21c5ed62261f4d73d5d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6eb5b256d7c784a3faa5f56e8121b525
7e65b818717b3ccbafccdce93a0bccd1a2b31431
ab9a5d697036184bd72389bbb1d6eea64036868805fa2c31a0eb2161e38f0e8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6eb5b256d7c784a3faa5f56e8121b525
7e65b818717b3ccbafccdce93a0bccd1a2b31431
ab9a5d697036184bd72389bbb1d6eea64036868805fa2c31a0eb2161e38f0e8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=3k&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&mt=1668047516&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgTXBUn8x7aGVXlOvQnA0jGO0V18kepVuutiODgvU3igUCIGmbhJelsR7CGtGdJS9ucPLbCVDjbCsUx3249ctnmJ1b&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&sq=0&rn=1&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
91.90.45.172200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=3k&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&mt=1668047516&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgTXBUn8x7aGVXlOvQnA0jGO0V18kepVuutiODgvU3igUCIGmbhJelsR7CGtGdJS9ucPLbCVDjbCsUx3249ctnmJ1b&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&sq=0&rn=1&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1232), with no line terminators
Hash 57223d15a92a6b9d245799e76502c4e2
29cddc3dcd7c13893251f6a5517ba50fa45de741
530d052b55285e3acbdea2b18b3743bb17737f873eb6b23c33af181728331efe
GET /videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=3k&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&mt=1668047516&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgTXBUn8x7aGVXlOvQnA0jGO0V18kepVuutiODgvU3igUCIGmbhJelsR7CGtGdJS9ucPLbCVDjbCsUx3249ctnmJ1b&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&sq=0&rn=1&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 10 Nov 2022 02:45:34 GMT
Expires: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1232
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&mh=3k&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&mt=1668047516&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj2W4IGJR_xUzztXKpL9ziq0Dr8OO4gsKqKffrlx07pAiBtCr6T3Z668PgUOcX0H-31IT-c_D65PqCdiPJzqnts7A%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&range=0-66053&rn=2&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
91.90.45.172200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&mh=3k&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&mt=1668047516&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj2W4IGJR_xUzztXKpL9ziq0Dr8OO4gsKqKffrlx07pAiBtCr6T3Z668PgUOcX0H-31IT-c_D65PqCdiPJzqnts7A%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&range=0-66053&rn=2&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1183), with no line terminators
Hash d7e8c704a20327e19c126ae4229586df
83f1c8943d9da7119cfecb3490b8176f00d489a5
a93bebfb42af7a8f8d4f4a23451baa9ade5bd94d14732d08e38e439accbf4fec
GET /videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&mh=3k&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&mt=1668047516&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhANj2W4IGJR_xUzztXKpL9ziq0Dr8OO4gsKqKffrlx07pAiBtCr6T3Z668PgUOcX0H-31IT-c_D65PqCdiPJzqnts7A%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&range=0-66053&rn=2&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 10 Nov 2022 02:45:34 GMT
Expires: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1183
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6eb5b256d7c784a3faa5f56e8121b525
7e65b818717b3ccbafccdce93a0bccd1a2b31431
ab9a5d697036184bd72389bbb1d6eea64036868805fa2c31a0eb2161e38f0e8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3a2307fb817a4d1ae41160f47d87c5c5
3a2128f97fa2247df57b8b7ea25c85511d6dae83
a0db529b659f396a20bbe6033e0d2517a11519fbd6a1a4b350430c82047c1c01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3a2307fb817a4d1ae41160f47d87c5c5
3a2128f97fa2247df57b8b7ea25c85511d6dae83
a0db529b659f396a20bbe6033e0d2517a11519fbd6a1a4b350430c82047c1c01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeenes.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMMoh_MZ0wEZvt7oEVKOTVNh_9wXOndLKLlqzUaOUdQ8AiEArGgLDTvDdXd-Uu0WuyyzUYnZShNGWG9FPIIQK-CFtvQ%3D&range=0-66053&rn=4&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
74.125.108.230200 OK 1.2 kB URL HTTP/1.1 rr1---sn-5goeenes.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMMoh_MZ0wEZvt7oEVKOTVNh_9wXOndLKLlqzUaOUdQ8AiEArGgLDTvDdXd-Uu0WuyyzUYnZShNGWG9FPIIQK-CFtvQ%3D&range=0-66053&rn=4&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
IP 74.125.108.230:0
File type ASCII text, with very long lines (1188), with no line terminators
Hash b56d916bbfad455de07e8af7a5c81b5a
62a55cba1266a5cfbc6e49c875cfdb51bcee1a99
fdfb41d5ce65b057e462e9ca0e11ee12ab58c55d122cdff942365250857816e7
GET /videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMMoh_MZ0wEZvt7oEVKOTVNh_9wXOndLKLlqzUaOUdQ8AiEArGgLDTvDdXd-Uu0WuyyzUYnZShNGWG9FPIIQK-CFtvQ%3D&range=0-66053&rn=4&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M= HTTP/1.1
Host: rr1---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 10 Nov 2022 02:45:34 GMT
Expires: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1188
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5goeenes.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgaoNXaK-tQ90z10qvNzz7xzdHrAirUmPkXAT8IR1QRhECIQC7kpvS0x9Nvf-EP711qcHmiPemAu0gKH2n2X6i5ms0dw%3D%3D&sq=0&rn=3&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
74.125.108.230200 OK 1.2 kB URL HTTP/1.1 rr1---sn-5goeenes.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgaoNXaK-tQ90z10qvNzz7xzdHrAirUmPkXAT8IR1QRhECIQC7kpvS0x9Nvf-EP711qcHmiPemAu0gKH2n2X6i5ms0dw%3D%3D&sq=0&rn=3&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
IP 74.125.108.230:0
File type ASCII text, with very long lines (1241), with no line terminators
Hash 8311dce0ed4caf0e1f41ccfacfbe96e8
c4064477f01cc5b0016697655a878cb05484e8e2
c6747f74e2068d8aae03b75f8a6aae28d4de5d8d2dd895794e1c333f5d621d12
GET /videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgaoNXaK-tQ90z10qvNzz7xzdHrAirUmPkXAT8IR1QRhECIQC7kpvS0x9Nvf-EP711qcHmiPemAu0gKH2n2X6i5ms0dw%3D%3D&sq=0&rn=3&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M= HTTP/1.1
Host: rr1---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 10 Nov 2022 02:45:34 GMT
Expires: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1241
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
workingtogethercol.org/wp-content/uploads/2022/04/GOPR2348_1640457096575-scaled.jpg?id=1460
45.33.119.221200 OK 1.2 kB URL HTTP/2 workingtogethercol.org/wp-content/uploads/2022/04/GOPR2348_1640457096575-scaled.jpg?id=1460
IP 45.33.119.221:0
File type ASCII text, with very long lines (1232), with no line terminators
Hash b9d61a1ca9608f849aa6c4feb87f245d
a9ad4dfc9ccce32f6e66b014065f3b9ead9570f2
0c14724bcfda76cebaea57254c99b89e323d9bba018e397df861245d356665b4
GET /wp-content/uploads/2022/04/GOPR2348_1640457096575-scaled.jpg?id=1460 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 07 Apr 2022 19:09:54 GMT
accept-ranges: bytes
content-length: 1493834
content-type: image/jpeg
date: Thu, 10 Nov 2022 02:45:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3a2307fb817a4d1ae41160f47d87c5c5
3a2128f97fa2247df57b8b7ea25c85511d6dae83
a0db529b659f396a20bbe6033e0d2517a11519fbd6a1a4b350430c82047c1c01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeenes.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANdCpnQMrMTAxMM3jIcbLeafGVMqyy-veahfAQVGk4QEAiBmNW3iZmyN2J_ft69RaV4kW_RIgLc08LnhIc-h-fsntw%3D%3D&sq=0&rn=7&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
74.125.108.230200 OK 1.2 kB URL HTTP/1.1 rr1---sn-5goeenes.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANdCpnQMrMTAxMM3jIcbLeafGVMqyy-veahfAQVGk4QEAiBmNW3iZmyN2J_ft69RaV4kW_RIgLc08LnhIc-h-fsntw%3D%3D&sq=0&rn=7&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
IP 74.125.108.230:0
File type ASCII text, with very long lines (1243), with no line terminators
Hash f1ee73bdab7a6c97427bc1ffcfe96f3a
db5545708f9102b1e432a371395729ea8ba3f78e
db7c4ddba65c8a20810f4424e1dee2b11db9511c30165372e956c54a82dda7c1
GET /videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=3k&mm=29&mn=sn-5goeenes&ms=rdu&mt=1668047746&mv=u&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANdCpnQMrMTAxMM3jIcbLeafGVMqyy-veahfAQVGk4QEAiBmNW3iZmyN2J_ft69RaV4kW_RIgLc08LnhIc-h-fsntw%3D%3D&sq=0&rn=7&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M= HTTP/1.1
Host: rr1---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 10 Nov 2022 02:45:34 GMT
Expires: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1243
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
yt3.ggpht.com/ytc/AMLnZu9CVdve0vOWsVklHM5VA-uM6baR7PTwjm0wVC_u=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9CVdve0vOWsVklHM5VA-uM6baR7PTwjm0wVC_u=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 48eeaa8d2dd8169abb27acca99196c63
a193cb3597c69e1d5bec0fa3684344a536cd92d6
3c431047701838c874765b3d98e448b32e184c170ec3553b8c99cf829249e264
GET /ytc/AMLnZu9CVdve0vOWsVklHM5VA-uM6baR7PTwjm0wVC_u=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v9"
expires: Fri, 11 Nov 2022 02:45:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 02:45:34 GMT
server: fife
content-length: 4457
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f9746abd865e363c8ec59d1ce415d671
269ab2a272319239e3140c87b015d3fe553285ca
c28c2ea2fd722c4f05b13b83e74b578be4b0aeed251a37dd7553d8d2927da31e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:45:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=3k&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1668047786&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIfFT7Y9N8ebrruCkeP-GISQPAs1RXnO3AuAv_dS7bSuwIhANi1ggtx8zngPmeAePw3kOA5b5oE-XJPYkkRwak7C0VW&range=0-66053&rn=5&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
172.217.132.40200 OK 66 kB URL HTTP/1.1 rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=3k&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1668047786&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIfFT7Y9N8ebrruCkeP-GISQPAs1RXnO3AuAv_dS7bSuwIhANi1ggtx8zngPmeAePw3kOA5b5oE-XJPYkkRwak7C0VW&range=0-66053&rn=5&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
IP 172.217.132.40:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 0e88187dc13b922808bd29b5de5f86e5
32e878ceeea0e1d0de0a21fb732f4218ba09b733
0259c598b013d91d64bcba968882027261d2c4dce3c2dc7c2ed5a76c17ffb1a1
GET /videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=251&source=youtube&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=audio%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&gir=yes&clen=2783178&otfp=1&dur=149.221&lmt=1663708516148875&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAKRUBfX6sIuOKJe3BPcBEhEuCMyHNa_OPtBDwIsbdmKEAiEA3eJsDMLbsUUyf_NMLvbZNWMvpYURTKRMcJUvzc_JE5M%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=3k&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1668047786&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIfFT7Y9N8ebrruCkeP-GISQPAs1RXnO3AuAv_dS7bSuwIhANi1ggtx8zngPmeAePw3kOA5b5oE-XJPYkkRwak7C0VW&range=0-66053&rn=5&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M= HTTP/1.1
Host: rr3---sn-5hne6nsk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 20 Sep 2022 21:15:16 GMT
Content-Type: audio/webm
Date: Thu, 10 Nov 2022 02:45:35 GMT
Expires: Thu, 10 Nov 2022 02:45:35 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 66054
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=3k&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1668047786&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPWPvo6KxzsdDjHz6dAwJjFP0NQoHWWlt34qd_SDVui5AiBMJlZypuo6WNmQTuy2zxJanN_O_srOFqK4yiuG5vw-lw%3D%3D&sq=0&rn=8&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
172.217.132.40200 OK 406 B URL HTTP/1.1 rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=3k&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1668047786&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPWPvo6KxzsdDjHz6dAwJjFP0NQoHWWlt34qd_SDVui5AiBMJlZypuo6WNmQTuy2zxJanN_O_srOFqK4yiuG5vw-lw%3D%3D&sq=0&rn=8&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M=
IP 172.217.132.40:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash e5016f6d05cc3d56cd55f6c065e8a785
54e897a547e71d4f19b2d042b3d81fa8e992aee6
2d9f4cbfe0808591388ee3da9ee569edf6f09188d977d4c4389e0b1acaf6f719
GET /videoplayback?expire=1668069934&ei=zmVsY6inH9vKyQWsxJLgCQ&ip=91.90.42.154&id=o-AGpCdf7KRkUkspHvht6uBwWUP6013tRnhDTaBuVSrPrB&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNq7qkkW24_fbDIOeGugNtvzzfuI&vprv=1&mime=video%2Fwebm&ns=NXMLGWulxoV8F6_gZ9Oe0tYJ&otf=1&otfp=1&dur=0.000&lmt=1663708562771024&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=84_l4hw8Y5l3_Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIhAIz_fPDUWXkOad1uOW8fJQ3WeST1aFqxMbdf6LcablvDAiADzg-SlguBGQthXh7LD-SuEBc93ro9yTC_zTB2n8bfrw%3D%3D&cpn=9XbD7YsH_wV5_mL9&cver=1.20221106.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=3k&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1668047786&mv=u&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPWPvo6KxzsdDjHz6dAwJjFP0NQoHWWlt34qd_SDVui5AiBMJlZypuo6WNmQTuy2zxJanN_O_srOFqK4yiuG5vw-lw%3D%3D&sq=0&rn=8&rbuf=0&pot=D24-g6OPju4dbgZRTADU4qhOqGpbnv54bBehtU_-BoNfn0tx5Z7YTCXb2V8fiJcVpHfMd5uu6oL8zlwOIq1C28sG0rinyWCw_4vpNTgemSGLQnOI1L32lzwaG65GEU6qQz3JB8M= HTTP/1.1
Host: rr3---sn-5hne6nsk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 07 Nov 2022 21:31:07 GMT
Content-Type: video/webm
Date: Thu, 10 Nov 2022 02:45:35 GMT
Expires: Thu, 10 Nov 2022 02:45:35 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
workingtogethercol.org/wp-content/themes/save-life/style.css
45.33.119.221200 OK 0 B URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/style.css
IP 45.33.119.221:0
GET /wp-content/themes/save-life/style.css HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:00:50 GMT
accept-ranges: bytes
content-length: 131776
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/plugins/trx_addons/css/font-icons/css/trx_addons_icons-embedded.css?ver=6.1
45.33.119.221200 OK 0 B URL HTTP/2 workingtogethercol.org/wp-content/plugins/trx_addons/css/font-icons/css/trx_addons_icons-embedded.css?ver=6.1
IP 45.33.119.221:0
GET /wp-content/plugins/trx_addons/css/font-icons/css/trx_addons_icons-embedded.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:03:25 GMT
accept-ranges: bytes
content-length: 160406
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.110:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 10 Nov 2022 02:45:30 GMT
date: Thu, 10 Nov 2022 02:45:30 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=-PGGg7BU3Jc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=7tg6Wn2v3eQ; Domain=.youtube.com; Expires=Tue, 09-May-2023 02:45:30 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+369; expires=Sat, 09-Nov-2024 02:45:30 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COswald%3A300%2C400%2C700&subset=latin%2Clatin-ext&ver=6.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COswald%3A300%2C400%2C700&subset=latin%2Clatin-ext&ver=6.1
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COswald%3A300%2C400%2C700&subset=latin%2Clatin-ext&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 02:45:30 GMT
date: Thu, 10 Nov 2022 02:45:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
workingtogethercol.org/wp-content/themes/save-life/css/fontello/css/fontello-embedded.css?ver=6.1
45.33.119.221200 OK 0 B URL HTTP/2 workingtogethercol.org/wp-content/themes/save-life/css/fontello/css/fontello-embedded.css?ver=6.1
IP 45.33.119.221:0
GET /wp-content/themes/save-life/css/fontello/css/fontello-embedded.css?ver=6.1 HTTP/1.1
Host: workingtogethercol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://workingtogethercol.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Mar 2022 19:00:50 GMT
accept-ranges: bytes
content-length: 282916
content-type: text/css
date: Thu, 10 Nov 2022 02:45:30 GMT
server: Apache
X-Firefox-Spdy: h2