r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11066
Expires: Fri, 25 Nov 2022 19:13:54 GMT
Date: Fri, 25 Nov 2022 16:09:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4419
Cache-Control: max-age=156925
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:09:28 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:44:53 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9126
Expires: Fri, 25 Nov 2022 18:41:34 GMT
Date: Fri, 25 Nov 2022 16:09:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 15:19:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3019
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: feI48djxUHf8G++wEjCagWLVIakaLRPB1PvpWeDK6rsYInQTv1y0O4KiTgxUmv4aIlSj+j4k/xdolK/gqOD8xg==
x-amz-request-id: 6KR5QN1Q49H6JHQZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 15:40:51 GMT
age: 1717
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 15:11:11 GMT
cache-control: public,max-age=3600
age: 3497
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
183.181.88.27200 OK 16 kB URL HTTP/1.1 t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
IP 183.181.88.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 27b3ee3e65ef53bd645693b18fa8f3e5
25c78d1f9552a4acb3136c61889973f6678efbbc
a47b7ffb16cb1e1943660b0151c9f405662f1a6a99c2f50d078f482564cd282e
Analyzer Verdict Alert fortinet Phishing
GET /which-one-is-best-digital-perm-and-regular-perm/ HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Pingback: http://t-gardens.com/C4tzCdFjq_SZbG6/xmlrpc.php
Link: <https://t-gardens.com/wp-json/>; rel="https://api.w.org/", <https://t-gardens.com/wp-json/wp/v2/posts/1635>; rel="alternate"; type="application/json", <https://t-gardens.com/?p=1635>; rel=shortlink
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:09:29 GMT
Last-Modified: Fri, 25 Nov 2022 14:28:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
183.181.88.27200 OK 3.2 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 183.181.88.27:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 50eaf36f7940e643f5bbf1f877738a34
fb256a8aa37c693b470cb914a6956bfb38461cec
0092804c99d6e1bab6dce06e497295ad70eac0041c4094c80578f294cfbc4fd5
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Nov 2022 03:00:02 GMT
ETag: W/"26d1-5ed14f82d738d"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
183.181.88.27200 OK 16 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 183.181.88.27:0
File type ASCII text, with very long lines (47826)
Hash 96c22528091b782abd39cef4c9749e52
fa8eef2e605ccb20adce4ea4faffb4442b7133e7
d2b99764aef94d6ac8450097e100a213ea3b7470cad3a940fcc631c1f21b94b1
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 16 Nov 2022 00:52:40 GMT
ETag: W/"172a9-5ed8be3c1fb55"
Expires: Fri, 02 Dec 2022 16:09:28 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/css/slick-theme.min.css?ver=6.1.1
183.181.88.27200 OK 797 B URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/css/slick-theme.min.css?ver=6.1.1
IP 183.181.88.27:0
File type Unicode text, UTF-8 text, with very long lines (2179), with CRLF line terminators
Hash 4894f1d14b811632ba83e66182923f01
e9d942dd2d3e4454d34791188bb2c531f643320c
d376d211eefb7651a8ec82c198ca050bf65eecb54030e33c03175f0ed15c719c
GET /C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/css/slick-theme.min.css?ver=6.1.1 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 15 Apr 2022 13:49:00 GMT
ETag: W/"88d-5dcb1ac355c88"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
183.181.88.27200 OK 4.6 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 183.181.88.27:0
File type ASCII text, with very long lines (11126)
Hash 413654fdfa9b24fbd3d747482e3971c9
c23c501d5f668cd83443a4847197717536d55ab8
48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
ETag: W/"2bd8-5b45debe27b80"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 434ae129436b17a69e304811d8bba08b
47b5b74cb5bd7690382afe68b0bd9b5e068edc77
606592410b216a4a38e824291b5d1de294abeac2389788a48c10730c613141ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "606592410B216A4A38E824291B5D1DE294ABEAC2389788A48C10730C613141AD"
Last-Modified: Thu, 24 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 22:09:29 GMT
Date: Fri, 25 Nov 2022 16:09:29 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.228.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d4nSMiyY4tg+F+8qE3Aa4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sjZBkTSfe/qaNDtx//UQGSo81nI=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 434ae129436b17a69e304811d8bba08b
47b5b74cb5bd7690382afe68b0bd9b5e068edc77
606592410b216a4a38e824291b5d1de294abeac2389788a48c10730c613141ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "606592410B216A4A38E824291B5D1DE294ABEAC2389788A48C10730C613141AD"
Last-Modified: Thu, 24 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Fri, 25 Nov 2022 22:09:07 GMT
Date: Fri, 25 Nov 2022 16:09:29 GMT
Connection: keep-alive
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/slick.min.js?ver=1.6.2
183.181.88.27200 OK 13 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/slick.min.js?ver=1.6.2
IP 183.181.88.27:0
File type ASCII text, with very long lines (32076), with CRLF line terminators
Hash 2daaf7a871cad4e9f8a4d663fd324250
2efe0932b4619fa68665aff69db2993084efd1d3
5f0732d79a24caf2658123d16639e6cf9e47582c0df31b86d16ba1887a574eae
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/slick.min.js?ver=1.6.2 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 15 Apr 2022 13:49:00 GMT
ETag: W/"a3f2-5dcb1ac356c28"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/style.css?ver=1.6.2
183.181.88.27200 OK 28 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/style.css?ver=1.6.2
IP 183.181.88.27:0
File type Unicode text, UTF-8 text, with very long lines (494), with CRLF line terminators
Hash a6cfed47db534f9ffd47254dd74dadbc
17ac4fd31712e47b95d7d1f6725e3ec7394995f6
a85b963f492adac11df4b5e208f3c8ce0b041fff5b1c49c419cf507df03b8636
GET /C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/style.css?ver=1.6.2 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 15 Apr 2022 13:49:00 GMT
ETag: W/"1eef2-5dcb1ac35aaa9"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
183.181.88.27200 OK 36 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 183.181.88.27:0
File type ASCII text, with very long lines (65447)
Hash 3799a6be94d7facfc78f066e18773e22
5d97b0e2565712331b1d73be1581159bf282cd4f
e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be
GET /C4tzCdFjq_SZbG6/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 02 Nov 2022 12:53:39 GMT
ETag: W/"15e54-5ec7c54660b61"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
183.181.88.27200 OK 5.8 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 183.181.88.27:0
File type ASCII text, with very long lines (15660)
Hash 9821563af79d0fbd798c5a96f11cb775
d7ad769f21b6cdbd3602ba2512449e5febe7a2ee
3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12
GET /C4tzCdFjq_SZbG6/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Sep 2022 12:54:07 GMT
ETag: W/"48b9-5e829ecc4b34d"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
183.181.88.27200 OK 1.1 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 183.181.88.27:0
Hash 1669cc2bc1ff7a87815789630fba92f5
dfd9314fbd884bb7552fcfdcc6fd4d82e533dd22
f63a8121b6767f28cef6dadd5083c08f8abfbff972de1ba6b89f12d8702d9b15
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Nov 2022 03:00:02 GMT
ETag: W/"aab-5ed14f82d63ed"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/css/slick.min.css?ver=6.1.1
183.181.88.27200 OK 508 B URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/css/slick.min.css?ver=6.1.1
IP 183.181.88.27:0
File type ASCII text, with very long lines (1249), with CRLF line terminators
Hash 182288be8c03afc8bc33061bc52b7425
0293a6c919121f553ce175e1028d4aa5d9ffbb13
e686841c466a8b7aaa0db566312e39398fe404968d2fcba952ac855c488a85ad
GET /C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/css/slick.min.css?ver=6.1.1 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 15 Apr 2022 13:49:00 GMT
ETag: W/"4e3-5dcb1ac355c88"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
183.181.88.27200 OK 4.4 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 183.181.88.27:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 17ddaa3459f67e7200a39c497d4d293c
6267da9c83e724ba1afa3e6b7ec6196f52b674fe
24f9c0a42e16b47c8e289525d0134ecabc30392db09bbb720c6a3b85d3dee201
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 10 Nov 2022 03:00:02 GMT
ETag: W/"3016-5ed14f82d738d"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/functions.min.js?ver=1.6.2
183.181.88.27200 OK 773 B URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/functions.min.js?ver=1.6.2
IP 183.181.88.27:0
File type ASCII text, with very long lines (1957), with no line terminators
Hash 84c42e616147aed29cd2905a4f98d89b
0a17ec4d6846bd8363b7724474ab63e7dc77ed27
e41f37cc5dd0c7c75cf09f212d8e683115e87fe3a8050777973284da7b4e6372
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/functions.min.js?ver=1.6.2 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 15 Apr 2022 13:49:00 GMT
ETag: W/"7a5-5dcb1ac356c28"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/comment.js?ver=1.6.2
183.181.88.27200 OK 817 B URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/comment.js?ver=1.6.2
IP 183.181.88.27:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 49039a718687a10bec76103279490e30
ae8b1c0dfd04dc0bffb13b60a5a7d73a41f47af5
7f2b0ba1a1d8ec2ae24b4caf37976f9d6bc26e99d836be9377ed2c941a1464db
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/js/comment.js?ver=1.6.2 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 15 Apr 2022 13:49:00 GMT
ETag: W/"942-5dcb1ac356c28"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/wp-embed.min.js?ver=6.1.1
183.181.88.27200 OK 818 B URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-includes/js/wp-embed.min.js?ver=6.1.1
IP 183.181.88.27:0
File type ASCII text, with very long lines (1491)
Hash 2758ccee341d2b7bba824f121adbc75b
6d036ea79c3d1e5c86148ac395d90def485077e2
a6bf83d30d6833f1421a16fc8b5406ba94888ce431280dc30a3cd778a71b6b5e
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-includes/js/wp-embed.min.js?ver=6.1.1 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/which-one-is-best-digital-perm-and-regular-perm/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Sep 2022 12:54:07 GMT
ETag: W/"5f6-5e829ecc4b34d"
Expires: Fri, 02 Dec 2022 16:09:29 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4014b3f4adf5c5373118894c244afb12
1198e79d0e1e14408e3c0084a3f479122020a723
affc5983ee364e0310c082b225a90cff4ba2d01b68d2cdaf6b5ecbe780cad66d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6491
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:09:29 GMT
Last-Modified: Fri, 25 Nov 2022 14:21:18 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/2018y08m03d_135520975-e1595917065825.jpg
183.181.88.27200 OK 36 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/2018y08m03d_135520975-e1595917065825.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x341, components 3\012- data
Hash ac0ae70b4d96ee2b1143811f167d0c3d
6fcd8cdb25b39097fd6c985f56882bb65d136c47
1e04c827c03f1823cc15b1b4cf6c31a3d961f59529a4b07e21916533b3b22d1f
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/2018y08m03d_135520975-e1595917065825.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 35531
last-modified: Tue, 28 Jul 2020 06:17:45 GMT
etag: "8acb-5ab7a65c01440"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
www.baroque-hn.com/wp/wp-content/uploads/2021/01/2402373_s.jpg
217.160.0.118200 OK 24 kB URL HTTP/2 www.baroque-hn.com/wp/wp-content/uploads/2021/01/2402373_s.jpg
IP 217.160.0.118:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x434, components 3\012- data
Hash 38580c6555390e10ee8a88aa4e4db5ba
1edfc5ab6ad006c53c3414b2a1c1f4f01b66687f
b0f22b1d0eb77e499ea4aa280aa903e697c77b415252f0d41b2ed6c8f1225916
GET /wp/wp-content/uploads/2021/01/2402373_s.jpg HTTP/1.1
Host: www.baroque-hn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 23989
date: Fri, 25 Nov 2022 16:09:29 GMT
server: Apache
last-modified: Fri, 08 Jan 2021 05:35:10 GMT
etag: "5db5-5b85ceb7e733c"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.baroque-hn.com/wp/wp-content/uploads/2021/01/112665_s.jpg
217.160.0.118200 OK 45 kB URL HTTP/2 www.baroque-hn.com/wp/wp-content/uploads/2021/01/112665_s.jpg
IP 217.160.0.118:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x427, components 3\012- data
Hash 9b35f8dd5f049689dbc4d0a0106f037d
a71cb318fbdcf653af41f9ff8bf220f2d66d540b
621cd1807e7f6785d1828352ebbd58a555716f13c1e85b58bedd83dff9bc26de
GET /wp/wp-content/uploads/2021/01/112665_s.jpg HTTP/1.1
Host: www.baroque-hn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 45302
date: Fri, 25 Nov 2022 16:09:29 GMT
server: Apache
last-modified: Fri, 08 Jan 2021 05:35:06 GMT
etag: "b0f6-5b85ceb33fc09"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4014b3f4adf5c5373118894c244afb12
1198e79d0e1e14408e3c0084a3f479122020a723
affc5983ee364e0310c082b225a90cff4ba2d01b68d2cdaf6b5ecbe780cad66d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6492
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 16:09:30 GMT
Last-Modified: Fri, 25 Nov 2022 14:21:18 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/fonts/design_plus.woff?v=1.0
183.181.88.27200 OK 26 kB URL HTTP/1.1 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/fonts/design_plus.woff?v=1.0
IP 183.181.88.27:0
File type Web Open Font Format, TrueType, length 25892, version 1.0\012- data
Hash 3d5f853d01b444719b8c98d1f090fafd
6fca5547af9ee5171266f2a05de24ca6ae56cb81
ac4b86db82706fe813fb3a3b5c4eef27e927307903a6e48d27cbe106b62d2126
Analyzer Verdict Alert fortinet Phishing
GET /C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/assets/fonts/design_plus.woff?v=1.0 HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://t-gardens.com/C4tzCdFjq_SZbG6/wp-content/themes/beauty_tcd054/style.css?ver=1.6.2
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 16:09:30 GMT
Content-Type: application/font-woff
Content-Length: 25892
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 15 Apr 2022 13:49:00 GMT
ETag: "6524-5dcb1ac356c28"
Expires: Fri, 02 Dec 2022 16:09:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/oJI2v4nsT1A.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/oJI2v4nsT1A.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4431)
Hash 1edd6626ecc1fe1c708fe86319f5bc22
dd58cc72446f8658aac8f9c46075874d5df96b6a
afb2ce31a60811eac42759964232e5b0f6d23463b318c21677bff49f1ef71b9c
GET /rsrc.php/v3/yp/l/0,cross/oJI2v4nsT1A.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 24 Nov 2023 18:45:23 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Ht1mJuzB/hxwj+hjGfW8Ig==
x-fb-debug: Ne8hjCb1Wi8nV30MsIucv1btJPTzvPzf0BPF4YklJfmkDr6VcEK7+MJSceq5ShE19wiwjTayjaDbWg2TZp11QA==
priority: u=2
content-length: 5146
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:07:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: GDGRfZeyuE1OHpy9ahIhaU0kclOXpFQYQ7/1M/D5cI7JUQ4Ew0DXCSWEFfX2Lc8mzeEZzI90+YEWxbLFPyoGUw==
content-length: 338
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2905)
Hash 7734711815478192096a4df90abbfa01
ea16129c6f54227d9d01bf3421e68863e75ffd7a
22cf4b88ca3b9208f44974e02dc6f784021871877121c7d03b310d7264ced0e3
GET /rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:17:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dzRxGBVHgZIJak35Crv6AQ==
x-fb-debug: SwZtxprWZfXl+rO+YaOOqR2xLBF38ZPg8Y+cP7WtlQTkjvtMYyRnl3hNc9Mm0TJ9+/36SgDNG/isJ/X1ydzT6w==
priority: u=3,i
content-length: 8360
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 8.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (9885)
Hash 71e8e93b5e55f2010013b0814f4e3ae5
4732ba3acc539a0e9ff12d08c1b5a16f535bd594
b710ea52f812ac39c5195f0c170142bfcfcc274aa6b250a29a1ed1c59ea58556
GET /rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:39:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cejpO15V8gEAE7CBT0465Q==
x-fb-debug: H2PI3oGS9Y4J9xsW92eZpy446nXHTXfc0oS1Ip5KPRUh1uSqu1kjsSpEPgFjjn+tiZ3P/nPgRYBruWBygKDW9g==
content-length: 8748
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4057)
Hash 571700b5a1e8db88d5d79007a910b962
07102cc5f2b19f190830664e1ec6718efb33c011
ecccefedaf39e094079b22880aba987993015fbf1b70fd3c63bc57dc10685f11
GET /rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:13:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VxcAtaHo24jV15AHqRC5Yg==
x-fb-debug: toyuB3SAldiJbPiFmTzqS82YUXCgo1xj24kbDL0MQa9hnhIbaWdcJ2i2753fIkvf+ZVJbaC46+TMmqv8MGguuA==
content-length: 7238
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (42048)
Hash 3051900d03a657ddbbc9afa8ac11cdbd
557f26734897e137a6678f6d2a81672fc6a34ad2
038035ce01be57324c7e251c8834229b4910f27e3a042912fd7276947e5750df
GET /rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:32:37 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: MFGQDQOmV927ya+orBHNvQ==
x-fb-debug: bYJtwnmxjXNN/5yVzx0xIPOgUd6Q8v8AOjtZxr+sBc5dyqixEfG4vUGd0PG5yIVM8WsyOnRU3pNCX33EeE2n6Q==
content-length: 23455
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 18 Nov 2023 18:24:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: Kj7wDR4ZUhOCqpydHIir3jrZeY0lgM+7J9w/C7ydajKnbRQOLDivzqfww/dDUDhdoi+4Uz0SpoApq3vwuwWS0A==
content-length: 830
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FTGardensNewYork&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
157.240.200.35200 OK 106 kB URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FTGardensNewYork&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18809)
Size 106 kB (105499 bytes)
Hash f1936169b15cc5cf6e1c50405556fe3c
bc0978235855b1410fba928e5c4ebaedb1968c1c
cc64a75dfed42cfb21419491683f6eec489e0214f82c69452aa46f2a6ca0a5fd
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FTGardensNewYork&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: tBchC0DPsFo21jmfMrflg1RAroco2MvoqbTRnoyo0zSNNKWQINqyObYCHTRJo9tOFrs+V06jXVgf1DUmr2XX8Q==
date: Fri, 25 Nov 2022 16:09:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-e1579161026500.jpg
183.181.88.27200 OK 14 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-e1579161026500.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x253, components 3\012- data
Hash 80860d9d930b6dff2951d0a5b45d1256
00a243e12928b8f669af817d09427f21866e62ee
9a5a85b8843f52c22dd03ec9c91011a673e5599f033def54a2cf427f5e08952e
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-e1579161026500.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 13500
last-modified: Tue, 28 Jul 2020 05:44:42 GMT
etag: "34bc-5ab79ef8de680"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: bP7Hn62kFAjWr7jSa5xbIHjvtrymCc5+/BWiU8jmZWvoE9UNywvxV+fazhrnkAfvO75toNN1+8hqwJRQpK4bpw==
content-length: 1657
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:38:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: wiiQpSv+hINmxdmDh50qRYLH0Cc0/G7L/Ii7uM69ujJ9255olUBP7wXxq1ttCrD/GuMczOSWMrxFCttWIBEa7Q==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (8741)
Hash dfb29285817fca7b068ba0ec98aa2392
78cd49585da28a245a096781c8e0fada59cf2b72
2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: W8oNQ20RRci19DZRKo9uDRApdh+0a2rAY6qTH85H4Hi9P5kV6tLh8k37VYg3Sb5ZwVDl6wz3D24n8ZMMRcEPrQ==
content-length: 16262
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 16:09:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/02/IMG_2663-scaled-e1595916548312.jpg
183.181.88.27200 OK 38 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/02/IMG_2663-scaled-e1595916548312.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x375, components 3\012- data
Hash c91e482468b92ce82144539f75e15c9e
e2ae2dc7eec5f00fb3403dd460b8def240bf58fb
7a2d90b7743c9519d2627cce4bc3a11a2630e43a9f2409715d4cd007f8de5504
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/02/IMG_2663-scaled-e1595916548312.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 37607
last-modified: Tue, 28 Jul 2020 06:09:08 GMT
etag: "92e7-5ab7a46ef4900"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.0 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8adf2aedf9c2717ceb97681f04dc60ba
91235c89019372d9deaee06f4e32162263f6f548
9ec8b14aa5953d5b6f2fd3089c3543e96dfd6166677da1cbab1c47414f1071d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10233
Expires: Fri, 25 Nov 2022 19:00:03 GMT
Date: Fri, 25 Nov 2022 16:09:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 602 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e00fd16ac6623c1cd0ef944a85b7c343
367e95fb775f1ee4e850f8243a19be36c015f55a
b95f58ab719066f18a1bf3be3f405a67514df337b564b6d3088754ccedf20b39
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10233
Expires: Fri, 25 Nov 2022 19:00:03 GMT
Date: Fri, 25 Nov 2022 16:09:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10233
Expires: Fri, 25 Nov 2022 19:00:03 GMT
Date: Fri, 25 Nov 2022 16:09:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10233
Expires: Fri, 25 Nov 2022 19:00:03 GMT
Date: Fri, 25 Nov 2022 16:09:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 66862
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 50522
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 41446
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 66142
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: c2484616-009c-47c4-b52a-36b956c7b207
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JzaHXLoAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2348-01d4a7be526475d31fce3c13;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:44 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3KRN_6gYmJqP-Ehaxdu5iwp9xKOOg-dhtGdUcSaho56NVWqVCtyiFA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:05:57 GMT
age: 29013
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 65685
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/alina-kovalchuk-BdrUHhkPA0M-unsplash-scaled-e1595917069847.jpg
183.181.88.27200 OK 30 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/alina-kovalchuk-BdrUHhkPA0M-unsplash-scaled-e1595917069847.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x313, components 3\012- data
Hash 4a40f0fe900f207b749f59404cc5a1c3
7cd163dcc9598f66367a69220bf3b34255924543
11edb9815b566fae06dbb80627690511a4838199370f24a896c3ff7aed6c6d06
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/alina-kovalchuk-BdrUHhkPA0M-unsplash-scaled-e1595917069847.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 29595
last-modified: Tue, 28 Jul 2020 06:17:49 GMT
etag: "739b-5ab7a65fd1d40"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d0413f50c8755e365affd5e7e17671ec
d12b70b9dd1aef46c1c5960a4281117b89c2afae
f4078e9f074a456b2235242f8d5fbf49d2f2b2bdd6c9f4465b02b091fb696fda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4078E9F074A456B2235242F8D5FBF49D2F2B2BDD6C9F4465B02B091FB696FDA"
Last-Modified: Wed, 23 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 22:09:30 GMT
Date: Fri, 25 Nov 2022 16:09:30 GMT
Connection: keep-alive
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-2-e1579160239582.jpg
183.181.88.27200 OK 3.6 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-2-e1579160239582.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x112, components 3\012- data
Hash a481c0e17586e8bc30eaa80285b3ec6e
7f57e9c9ac6bd91c42a176c0da9715758254e751
19ee933dcaf620a8431820295d0c857862c11878fda3cab70aeaf55ba8a14c24
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-2-e1579160239582.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 3575
last-modified: Tue, 28 Jul 2020 05:44:39 GMT
etag: "df7-5ab79ef601fc0"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/wp-content/uploads/2020/03/fullsizeoutput_f7e-1024x768.jpeg
183.181.88.27200 OK 160 kB URL HTTP/2 t-gardens.com/wp-content/uploads/2020/03/fullsizeoutput_f7e-1024x768.jpeg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 1024x768, components 3\012- data
Size 160 kB (160029 bytes)
Hash 0ec64031b37897017b965fcc02453a1e
8653dfe9ca49b09fdc12a24ede7bea1a2848f494
0409a63162cf2a1f7563808726be447442c5c7bd482057d1da481cbfff15fa93
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/03/fullsizeoutput_f7e-1024x768.jpeg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 160029
last-modified: Thu, 12 Mar 2020 07:53:53 GMT
etag: "2711d-5a0a3a7817393"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/02/IMG_2578-1024x1024.jpg
183.181.88.27200 OK 204 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/02/IMG_2578-1024x1024.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1024x1024, components 3\012- data
Size 204 kB (203700 bytes)
Hash cc37d0471e4954b34cea616e9d84f3ec
d7756ee06e2a33eb9059a2974c0c0b72a7ddae51
72bc0f03a7815f9ebe12f6072d419ad76d101e54015a7b1a7408d93aecc727fd
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/02/IMG_2578-1024x1024.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 203700
last-modified: Mon, 24 Feb 2020 09:23:04 GMT
etag: "31bb4-59f4eeb176e00"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2021/05/IMG_0702-760x1024.jpg
183.181.88.27200 OK 186 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2021/05/IMG_0702-760x1024.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 760x1024, components 3\012- data
Size 186 kB (186233 bytes)
Hash 73ad73311c34a7544bc80c3e46c5f62a
0338ee3211251faa009242f5ccf6b07fd6ba52eb
13cfcb73df922b53afd5d30a4261c68e3031a3bf8c57b9623e108b13214de024
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2021/05/IMG_0702-760x1024.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 186233
last-modified: Wed, 26 May 2021 01:14:20 GMT
etag: "2d779-5c3315cb91300"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/IMG_4765-225x300.jpg
183.181.88.27200 OK 14 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/IMG_4765-225x300.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 225x300, components 3\012- data
Hash 4095d5647e198f570fb4a6c2197603ca
9e84183620621a57364097095d89eda0d20f9e53
a56ebc317eb7398d1f2d671b424b5ee735f3605d809387ed02fcea8e7c9a4b97
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/IMG_4765-225x300.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:30 GMT
content-type: image/jpeg
content-length: 14342
last-modified: Tue, 28 Jul 2020 11:35:00 GMT
etag: "3806-5ab7ed4532100"
expires: Fri, 02 Dec 2022 16:09:30 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2021/01/IMG_8768-768x1024.jpg
183.181.88.27200 OK 225 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2021/01/IMG_8768-768x1024.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 768x1024, components 3\012- data
Size 225 kB (225087 bytes)
Hash 65a4a8ceb8de258ea362b9801a6e0da4
4e89e63e2011a1ba0431dd61b6198af5c59d37c7
807a3c6da286d34c0896dbbb0e11b3d8e00b751bc1020168657b1b9dcbf6417b
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2021/01/IMG_8768-768x1024.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/jpeg
content-length: 225087
last-modified: Wed, 27 Jan 2021 02:01:14 GMT
etag: "36f3f-5b9d82555ae80"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/t-gardens4-e1598193091544.png
183.181.88.27200 OK 338 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/t-gardens4-e1598193091544.png
IP 183.181.88.27:0
File type PNG image data, 800 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size 338 kB (337594 bytes)
Hash 07e0246bb21a237151f66c566a352e76
e22e7a3cd51b0584127a60c74ff53d4f97b0e493
e7dea7d394f0978dd1d4832d992600c29f77a8db10a44e24fab06428180fd097
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/t-gardens4-e1598193091544.png HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/png
content-length: 337594
last-modified: Sun, 23 Aug 2020 14:31:32 GMT
etag: "526ba-5ad8c5387f900"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/t-gardens2-e1598193105474.png
183.181.88.27200 OK 519 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/t-gardens2-e1598193105474.png
IP 183.181.88.27:0
File type PNG image data, 800 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 519 kB (518893 bytes)
Hash a489a4b88a56f67f6a848a4bf0dd9ffa
7bfb0e6ca986ba4db4a485461b06fa3ac93753fe
016fcb5dde332629d117314aed6cbe20b6ff36900a87ed4cae8309d061c7d7a6
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/t-gardens2-e1598193105474.png HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/png
content-length: 518893
last-modified: Sun, 23 Aug 2020 14:31:46 GMT
etag: "7eaed-5ad8c545d9880"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/gardens-2-e1598193119566.png
183.181.88.27200 OK 759 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/gardens-2-e1598193119566.png
IP 183.181.88.27:0
File type PNG image data, 800 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 759 kB (758745 bytes)
Hash d4a26d7c45da81ed499c45a9b18d9e6c
60ff6d3749ffa5cb5f5e8a01f80f02e731b22760
8fda6f62ee021efd6d8639f132d0f54f236bc1e1ca9bcd7eda822a22b99a69ae
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/07/gardens-2-e1598193119566.png HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:29 GMT
content-type: image/png
content-length: 758745
last-modified: Sun, 23 Aug 2020 14:31:59 GMT
etag: "b93d9-5ad8c5523f5c0"
expires: Fri, 02 Dec 2022 16:09:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
goodvibeshair.jp/gaD7P_q5rLEhr2/wp-content/uploads/2021/10/cropped-good%E3%80%80%E3%83%AD%E3%82%B3%E3%82%99-32x32.png
183.181.88.27200 OK 933 B URL HTTP/2 goodvibeshair.jp/gaD7P_q5rLEhr2/wp-content/uploads/2021/10/cropped-good%E3%80%80%E3%83%AD%E3%82%B3%E3%82%99-32x32.png
IP 183.181.88.27:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash a4946fc955d2cce0175b7c07e3f948a5
f2029e5b117926c66b54d31c7dc0705a8c39f999
ffdf8d956b2cdbe2ea6c725481ddd3d48e1628696618c3d7317ec32c7f4e6b38
GET /gaD7P_q5rLEhr2/wp-content/uploads/2021/10/cropped-good%E3%80%80%E3%83%AD%E3%82%B3%E3%82%99-32x32.png HTTP/1.1
Host: goodvibeshair.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodvibeshair.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:31 GMT
content-type: image/png
content-length: 933
last-modified: Sun, 10 Oct 2021 05:10:27 GMT
etag: "3a5-5cdf8a166b6c0"
expires: Fri, 02 Dec 2022 16:09:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Fri, 25 Nov 2022 15:05:57 GMT
Expires: Fri, 25 Nov 2022 17:05:57 GMT
Cache-Control: public, max-age=7200
Age: 3814
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=343581698&utmhn=t-gardens.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Which%20one%20is%20best%20between%20Digital%20perm%20and%20regular%20perm%3F%20%E2%80%93%20T-gardens%20New%20York%20Hair%20Salon&utmhid=370118563&utmr=-&utmp=%2Fwhich-one-is-best-digital-perm-and-regular-perm%2F&utmht=1669392571058&utmac=UA-40781273-1&utmcc=__utma%3D210245392.1533933333.1669392571.1669392571.1669392571.1%3B%2B__utmz%3D210245392.1669392571.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1412116389&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=343581698&utmhn=t-gardens.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Which%20one%20is%20best%20between%20Digital%20perm%20and%20regular%20perm%3F%20%E2%80%93%20T-gardens%20New%20York%20Hair%20Salon&utmhid=370118563&utmr=-&utmp=%2Fwhich-one-is-best-digital-perm-and-regular-perm%2F&utmht=1669392571058&utmac=UA-40781273-1&utmcc=__utma%3D210245392.1533933333.1669392571.1669392571.1669392571.1%3B%2B__utmz%3D210245392.1669392571.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1412116389&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=343581698&utmhn=t-gardens.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Which%20one%20is%20best%20between%20Digital%20perm%20and%20regular%20perm%3F%20%E2%80%93%20T-gardens%20New%20York%20Hair%20Salon&utmhid=370118563&utmr=-&utmp=%2Fwhich-one-is-best-digital-perm-and-regular-perm%2F&utmht=1669392571058&utmac=UA-40781273-1&utmcc=__utma%3D210245392.1533933333.1669392571.1669392571.1669392571.1%3B%2B__utmz%3D210245392.1669392571.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1412116389&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://t-gardens.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Fri, 25 Nov 2022 16:09:31 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-300x300.jpg
183.181.88.27200 OK 20 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-300x300.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 92", baseline, precision 8, 300x300, components 3\012- data
Hash c33272a4320657ba3943e0717e6be409
564e1b1336fdf09db8fa6e5af6de51b3e54c23c5
b3f05fa9d06140b3f3e62f2d3c9afce16094ca827592972b5ce8e800fcae4845
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-300x300.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:31 GMT
content-type: image/jpeg
content-length: 19545
last-modified: Thu, 09 Jan 2020 08:00:46 GMT
etag: "4c59-59bb068104780"
expires: Fri, 02 Dec 2022 16:09:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-120x120.jpg
183.181.88.27200 OK 5.2 kB URL HTTP/2 t-gardens.com/C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-120x120.jpg
IP 183.181.88.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 92", baseline, precision 8, 120x120, components 3\012- data
Hash 4a89b72645ca45ace39cf539547ec71f
98805ad2b317aec6db8d97ec9f7a37a3ff29a166
80e214ea91fc4e78a084b0e6818482991735c993f150c8c4d82041583a13cb73
GET /C4tzCdFjq_SZbG6/wp-content/uploads/2020/01/480784_503023689764614_1372636611_n-1-120x120.jpg HTTP/1.1
Host: t-gardens.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:31 GMT
content-type: image/jpeg
content-length: 5247
last-modified: Thu, 09 Jan 2020 08:00:46 GMT
etag: "147f-59bb068104780"
expires: Fri, 02 Dec 2022 16:09:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
goodvibeshair.jp/overseas-newyork-en/embed/
183.181.88.27200 OK 0 B URL HTTP/2 goodvibeshair.jp/overseas-newyork-en/embed/
IP 183.181.88.27:0
GET /overseas-newyork-en/embed/ HTTP/1.1
Host: goodvibeshair.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://t-gardens.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://goodvibeshair.jp/gaD7P_q5rLEhr2/xmlrpc.php
link: <https://goodvibeshair.jp/wp-json/>; rel="https://api.w.org/", <https://goodvibeshair.jp/wp-json/wp/v2/posts/878>; rel="alternate"; type="application/json", <https://goodvibeshair.jp/?p=878>; rel=shortlink
x-wp-embed: true
content-encoding: br
X-Firefox-Spdy: h2
goodvibeshair.jp/gaD7P_q5rLEhr2/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
183.181.88.27200 OK 0 B URL HTTP/2 goodvibeshair.jp/gaD7P_q5rLEhr2/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 183.181.88.27:0
GET /gaD7P_q5rLEhr2/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: goodvibeshair.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodvibeshair.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 16:09:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 06:57:31 GMT
etag: W/"48b9-5dfd0964868b3"
expires: Fri, 02 Dec 2022 16:09:31 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2