my.signpost.com/external_link_click?url=https://mpalma.com/&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=01758538715a0a51fb228a94d22beb137b25da57
301 Moved Permanently 464 B URL HTTP/1.1 my.signpost.com/external_link_click?url=https://mpalma.com/&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=01758538715a0a51fb228a94d22beb137b25da57
IP
File type HTML document, ASCII text, with very long lines (464), with no line terminators
Hash 73f01e45d55d948aa2aa699f188ff3b2
878019f59e4c86acf26b4c626ea2c1c31ebfe053
42291c845965335a025bdca73d1ebb048fe01e4c4c594f104a5d02a9c6b2946c
GET /external_link_click?url=https://mpalma.com/&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=01758538715a0a51fb228a94d22beb137b25da57 HTTP/1.1
Host: my.signpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 01:51:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 464
Connection: keep-alive
X-Powered-By: Express
Vary: Origin, Accept, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: no-store
Location: https://my.signpost.com/external_link_click?url=https://mpalma.com/&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=01758538715a0a51fb228a94d22beb137b25da57
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4879
Expires: Mon, 30 Jan 2023 03:13:16 GMT
Date: Mon, 30 Jan 2023 01:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Mon, 30 Jan 2023 03:25:02 GMT
Date: Mon, 30 Jan 2023 01:51:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 01:35:39 GMT
content-type: application/json
age: 978
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12483
Expires: Mon, 30 Jan 2023 05:20:00 GMT
Date: Mon, 30 Jan 2023 01:51:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gYZUGAMxU9pKL+RL3tGS7cfH6QCZMQdRdlhxRESsQycPv0aUavb+54SGh1Mg2kmoREfmE7usfXE=
x-amz-request-id: 04ETNJ1Q4RQ87JPY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 01:50:33 GMT
age: 84
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:57 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 406425deac06b0288a84ffd33767b79b
aa1758f73adaa5bd1fe1d15d5db3236783a4c54e
b22eee0d5f5275c63554efb05d6211ed5191f6179b8a7204fe0541326cc9ba75
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138444
Date: Mon, 30 Jan 2023 01:51:58 GMT
Etag: "63d69c58-1d7"
Expires: Tue, 31 Jan 2023 16:19:22 GMT
Last-Modified: Sun, 29 Jan 2023 16:18:32 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JkMrnUeRVoL2sRp98OSD6V0wPQ64OklJkLbzKK-D-4pInVC6sjLgwA==
Age: 50
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 01:41:41 GMT
age: 617
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
my.signpost.com/external_link_click?url=https://mpalma.com/&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=01758538715a0a51fb228a94d22beb137b25da57
302 Found 82 B URL HTTP/2 my.signpost.com/external_link_click?url=https://mpalma.com/&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=01758538715a0a51fb228a94d22beb137b25da57
IP
File type HTML document, ASCII text, with no line terminators
Hash f7816e3d7c4d5e341d201c7a4a1a7d24
5aef226a414e063205c830e4d3708bbcebbd2b70
5f0530b264966c4a985906cb9fed5f330d14c943da6ab25d81a19aee243897b7
GET /external_link_click?url=https://mpalma.com/&link_target=website&link_source=message&source_type=email&sent_comm_fingerprint=01758538715a0a51fb228a94d22beb137b25da57 HTTP/1.1
Host: my.signpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 30 Jan 2023 01:51:58 GMT
content-type: text/html; charset=utf-8
content-length: 82
location: https://mpalma.com/
x-powered-by: Express
vary: Origin, Accept, Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: no-store
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5390
Expires: Mon, 30 Jan 2023 03:21:48 GMT
Date: Mon, 30 Jan 2023 01:51:58 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CLDZkpNqibYBLnB1iFLfdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WVpJUjehV790ZdJGh1kLL8rx6m8=
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 270555
expires: Sat, 20 Jan 2024 01:51:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ap9c2ffq6KWLP2ZGFHce86bxgIQ6U%2Br9WkYxpVmS%2F7k8O1MRwo7K7e%2Fk1mmh%2BxVoqPVC2BREkhVEnQJcLcLk8NlykeefA8iQGExiCr%2FDZPy%2BPicOgbo3JaSTiSOwp%2BQCXxvCuT3o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791690ca5cb60afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4f43bce4d132991fedec454aa5579541
ac50300f638e67e9c22c85bd62cad2fb2848f18a
dd4868fbd0fadba88cf8bae1aa864ff31ffd149d5da5b55522975b5d9498cffb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 897
Cache-Control: max-age=124190
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Etag: "63d6615c-1d7"
Expires: Tue, 31 Jan 2023 12:21:49 GMT
Last-Modified: Sun, 29 Jan 2023 12:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-V3BTHVJ929
200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-V3BTHVJ929
IP
File type ASCII text, with very long lines (21849)
Hash b314ccb302339df6b01cd467b95d8537
226348fc7b5a2da46c9bc268dc0c0b456cb5c362
ed3de97089663b4816529267e511a46726008d9cf9da8021fc1ac6632db062ee
GET /gtag/js?id=G-V3BTHVJ929 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 01:51:59 GMT
expires: Mon, 30 Jan 2023 01:51:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?hl=en&ver=6.1.1
200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=en&ver=6.1.1
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash f678bcfbe98b4039961065c12543bfd0
31a000bba532f910d036c24c795ef3636450e4c3
1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d
GET /recaptcha/api.js?hl=en&ver=6.1.1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 30 Jan 2023 01:51:59 GMT
date: Mon, 30 Jan 2023 01:51:59 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-736688956
200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-736688956
IP
File type ASCII text, with very long lines (1759)
Hash 3a7da9ef2ac69ae86680cd910382eeca
e0595b55e8cac99524aaf12fdb47b96cf28a92f5
4e959e2826473a2f402da5fcae4d01321896d2b6567b70a170a1d3182d0e0fe9
GET /gtag/js?id=AW-736688956 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 01:51:59 GMT
expires: Mon, 30 Jan 2023 01:51:59 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50830
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.9
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
content-length: 0
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: "63bfaa5a-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
kit.fontawesome.com/a076d05399.js
403 Forbidden 22 B URL HTTP/2 kit.fontawesome.com/a076d05399.js
IP
File type ASCII text, with no line terminators
Hash fd97e4f669829c0ab67c2203a6840a09
3cf1ecf50b3c929fb32a43896505db3ff9602275
6ee8906b2c990cc0ccd14c16ed0482a5b6dcacf438908ff2d8a98a4c4d5a35e3
GET /a076d05399.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/plain; charset=utf-8
content-length: 22
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; preload
x-request-id: Fz7zNMKukTSP8208pNdD
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 791690cacb880b02-OSL
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/2022/05/Palmaebook-cover-1280x1657.jpg
200 OK 201 kB URL HTTP/2 mpalma.com/wp-content/uploads/2022/05/Palmaebook-cover-1280x1657.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x1657, components 3\012- data
Size 201 kB (200778 bytes)
Hash 6c2928d35f82121e32042787c397e9a1
5bab69dd1df064826cd4f20a3878257f06593953
0f613d19e30a2dfa293cf24eeb819937cfc014bf567798d473d812f51db250e4
GET /wp-content/uploads/2022/05/Palmaebook-cover-1280x1657.jpg HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: image/jpeg
content-length: 200778
last-modified: Thu, 26 May 2022 10:38:07 GMT
etag: "628f588f-3104a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.4
200 OK 1.7 kB URL HTTP/2 mpalma.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.4
IP
File type HTML document, ASCII text
Hash 8d4739aa5dec2da8f5c05787092eef0d
edd48d185ec22b5977ce5b1288b5d22918ff208d
27e8d8f2efda515117f2a66ab809794e26868a2ffd4fb25ef1687d5af59bbbfe
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 22 Dec 2022 10:43:41 GMT
etag: W/"63a434dd-d15"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 240230
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:20:24 GMT
expires: Sun, 28 Jan 2024 10:20:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
age: 142295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi/includes/builder/styles/images/preloader.gif
200 OK 9.4 kB URL HTTP/2 mpalma.com/wp-content/themes/Divi/includes/builder/styles/images/preloader.gif
IP
File type GIF image data, version 89a, 32 x 32\012- data
Hash 9895a027d72a1a9bd7c2e922d0ad273c
350a7c0f6b64e19c61b183afef7ffaca57befa30
27422f830d71474144ea902369ce78d178d1ace4e38a029ba2e359b7b55b4176
GET /wp-content/themes/Divi/includes/builder/styles/images/preloader.gif HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/wp-content/themes/Divi/style-static.min.css?ver=4.19.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: image/gif
content-length: 9427
last-modified: Thu, 22 Dec 2022 10:43:41 GMT
etag: "63a434dd-24d3"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4225b4acb382cb54f4c9c1870b5a5278
9ebb5f34cb2993feaff6363ad24a888c5c02869e
977e55ca0b5905651db2d50b0fc890e6ed2821d4386f7bccd4f177940b8f5432
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "977E55CA0B5905651DB2D50B0FC890E6ED2821D4386F7BCCD4F177940B8F5432"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2291
Expires: Mon, 30 Jan 2023 02:30:10 GMT
Date: Mon, 30 Jan 2023 01:51:59 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash f420ea1155b60c594ce4724160516c28
36181ff9653743b8f4583e6b3f3ed067f45aeb74
3b852c6ad4b55279dcfb577c70d3f7a9bbe8cd9d5ace266a6fbbaa581dceae35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5864
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Last-Modified: Mon, 30 Jan 2023 00:14:16 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:51:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diffuser-cdn.app-us1.com/diffuser/diffuser.js
200 OK 5.6 kB URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP
Hash b2353aedfa8ab61a1e6d867f72e8e913
a3d6aa7f410f62a3003b138f77a9a3f909819a01
bac949fe448573d026e6b30dc7daffbea04e9989e2fe4d3850ec958d4599e590
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
cache-control: public, max-age=300
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: sCYVe7QzQN-Z21TJriJfx73OXUWjIpkRFGlKaQ5OGjoofuNYUJz1gA==
cf-cache-status: HIT
age: 160
server: cloudflare
cf-ray: 791690cf7b99b4ee-OSL
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
200 OK 92 kB URL HTTP/2 mpalma.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash de27b3e66b2f8017e000aa9d8d24d60e
e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/wp-content/themes/Divi/style-static.min.css?ver=4.19.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/octet-stream
content-length: 92400
last-modified: Thu, 22 Dec 2022 10:43:41 GMT
etag: "63a434dd-168f0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 01:52:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 01:52:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 01:52:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 01:52:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3966
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 01:52:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jdh2u-xrCjqq1SKWL7hCTqrlGRjbytuxecJS-cwiXb5FQypGKYbFzg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:35 GMT
age: 14185
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mpalma.com/
200 OK 34 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10028), with CRLF, LF line terminators
Hash a3d3ead3fd4609813e6107eee07a153e
96027563a528cd731492d6d6b4477a6f4805500f
522de84ff0fcd5dd2a477efb72a6161d3f6736291963b1c657e9f647896bae49
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://mpalma.com/wp-json/>; rel="https://api.w.org/", <https://mpalma.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://mpalma.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 19
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 18343
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 14332
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 14199
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a60c45fc1156fadfbe47afe4e9e282da
e8db47e0aa028a846fd631cf2f2d5a979ee51e08
9a91bd22d5174fc3adbc6b24de6197be4f694bc46e8cc32124212a17a5af3f5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5462
x-amzn-requestid: 4ec670d9-7dfd-45a9-93bc-935dfd991c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkF8HWWIAMFpnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f2-3bda5c87690a91851b2de9e6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IktxPIqbHTkANUYO5E64t0-RHGBrPlJt-MhuQoBxKWSxhbz1wzVDEA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 14332
etag: "e8db47e0aa028a846fd631cf2f2d5a979ee51e08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/2021/09/faded-img2.jpg
200 OK 366 kB URL HTTP/2 mpalma.com/wp-content/uploads/2021/09/faded-img2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:09:22 17:07:20], baseline, precision 8, 1894x1177, components 3\012- data
Size 366 kB (365936 bytes)
Hash 3908ba975f0876cac73d1c81133facd7
ec7ffbbe1a10cc72ca22726ec02637b469e1ce9e
2a6984286864dfe901318ad28677b7bc7a21617b61ab363e7ca4958b472604ee
GET /wp-content/uploads/2021/09/faded-img2.jpg HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/wp-content/et-cache/8/et-core-unified-tb-40-tb-48-deferred-8.min.css?ver=1674600312
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: image/jpeg
content-length: 365936
last-modified: Thu, 26 May 2022 10:38:12 GMT
etag: "628f5894-59570"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/2021/09/testimonial-img.png
200 OK 168 kB URL HTTP/2 mpalma.com/wp-content/uploads/2021/09/testimonial-img.png
IP
File type PNG image data, 372 x 364, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (168049 bytes)
Hash c72a95c691384002aa91962a9c124e45
fab3e89a716169d67f30df71c8cf87ea5909d130
101229c271716883812268ac732dc84567348f95c5f7a8ae0106f51b9b64cf9a
GET /wp-content/uploads/2021/09/testimonial-img.png HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: image/png
content-length: 168049
last-modified: Thu, 26 May 2022 10:38:11 GMT
etag: "628f5893-29071"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/2021/09/palma-logo-1.png
200 OK 18 kB URL HTTP/2 mpalma.com/wp-content/uploads/2021/09/palma-logo-1.png
IP
File type PNG image data, 800 x 343, 8-bit/color RGBA, non-interlaced\012- data
Hash 93f376d488b6b265b485139797f7ded1
f72fe575c952fd2f3749b9e0b4d69397a8ce3619
8ca63728ab90f03b3ab0b113273e94b76670465fd330a94ac80328e4ccbcc23a
GET /wp-content/uploads/2021/09/palma-logo-1.png HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: image/png
content-length: 18129
last-modified: Thu, 26 May 2022 10:38:11 GMT
etag: "628f5893-46d1"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/wcm/loader.js
200 OK 1.3 kB URL HTTP/2 www.gstatic.com/wcm/loader.js
IP
File type ASCII text, with very long lines (1123)
Hash 22300d54ba7faf32360c95915053014c
ea83f097bd99413f9d8fcb08d0312ba7ba1be99f
2c4c9c9d6af1ad12556ab11c8021eb5c254025ce04500bc885b69984dd562ce5
GET /wcm/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1339
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 01:20:45 GMT
expires: Mon, 30 Jan 2023 02:20:45 GMT
cache-control: public, max-age=3600
age: 1875
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:52:00 GMT
Last-Modified: Mon, 30 Jan 2023 00:20:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 549746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:52:00 GMT
Last-Modified: Mon, 30 Jan 2023 00:20:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/736688956/?random=1675043530074&cv=11&fst=1675043530074&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmpalma.com%2F&tiba=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&auid=299390527.1675043530&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 911 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/736688956/?random=1675043530074&cv=11&fst=1675043530074&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmpalma.com%2F&tiba=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&auid=299390527.1675043530&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1971), with no line terminators
Hash fe1b2db5b07917299c36daf7866e2fea
a9f53c9eff297745d1109e352a8e8c7d0eaf1c8d
da91e6bf5995f1731339d24cdeb75ad720bd1038aa1eb9b1a77b445360861b61
GET /pagead/viewthroughconversion/736688956/?random=1675043530074&cv=11&fst=1675043530074&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmpalma.com%2F&tiba=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&auid=299390527.1675043530&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 01:52:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 911
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 02:07:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/2021/09/cropped-palma-logo-1-32x32.png
200 OK 1.1 kB URL HTTP/2 mpalma.com/wp-content/uploads/2021/09/cropped-palma-logo-1-32x32.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 71ae724ac36b78f6f55ed562be6702f6
abce919dbe64c86612d903cfa0c06263452d212e
e3f344f05b9f440ce06671a8428a674b7e910068990d49e5e8e1777c65c60917
GET /wp-content/uploads/2021/09/cropped-palma-logo-1-32x32.png HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Cookie: _gcl_au=1.1.299390527.1675043530; _ga_V3BTHVJ929=GS1.1.1675043530.1.0.1675043530.0.0.0; _ga=GA1.1.1699781861.1675043530
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:52:00 GMT
content-type: image/png
content-length: 1088
last-modified: Thu, 26 May 2022 10:38:11 GMT
etag: "628f5893-440"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/2021/09/cropped-palma-logo-1-192x192.png
200 OK 8.7 kB URL HTTP/2 mpalma.com/wp-content/uploads/2021/09/cropped-palma-logo-1-192x192.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f5b6f5bb061d7cac9430dd32197241b4
70db1bc80a1d979d0bef2b93614fe15dc137f49d
37dcd05b1193e97d5546feef2c2e8276189a0ffeab85e812765cadc47ed2bd26
GET /wp-content/uploads/2021/09/cropped-palma-logo-1-192x192.png HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Cookie: _gcl_au=1.1.299390527.1675043530; _ga_V3BTHVJ929=GS1.1.1675043530.1.0.1675043530.0.0.0; _ga=GA1.1.1699781861.1675043530
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:52:00 GMT
content-type: image/png
content-length: 8676
last-modified: Thu, 26 May 2022 10:38:11 GMT
etag: "628f5893-21e4"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mpalma.com/wp-content/uploads/2021/11/Palma-Homepage-Video.mp4
206 Partial Content 140 kB URL HTTP/2 mpalma.com/wp-content/uploads/2021/11/Palma-Homepage-Video.mp4
IP
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 140 kB (140516 bytes)
Hash 581b404ecf936b8f52cf381800c7e212
422e6146afc9910399bb288243ec5926436facc7
e36f78f04073b1b3a42f0519193ecc35204d610e36509a3968edaeba0435309d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/11/Palma-Homepage-Video.mp4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mpalma.com/
Cookie: _gcl_au=1.1.299390527.1675043530; _ga_V3BTHVJ929=GS1.1.1675043530.1.0.1675043530.0.0.0; _ga=GA1.1.1699781861.1675043530
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 30 Jan 2023 01:52:00 GMT
content-type: video/mp4
content-length: 4621745
last-modified: Thu, 26 May 2022 10:38:09 GMT
etag: "628f5891-4685b1"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
content-range: bytes 0-4621744/4621745
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash c27465c026dec5dc97d446a7bbfbd359
f3be1459cbc1524872d89e3a973f50f5acf98f71
98fa49e814654fd7d16176c9ec1c06c2c574150ef9db2ac9e685443b605109ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1685
Cache-Control: max-age=133998
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:52:00 GMT
Etag: "63d68499-117"
Expires: Tue, 31 Jan 2023 15:05:18 GMT
Last-Modified: Sun, 29 Jan 2023 14:37:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 01:46:59 GMT
expires: Mon, 30 Jan 2023 03:46:59 GMT
cache-control: public, max-age=7200
age: 301
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/736688956/?random=1675043530074&cv=11&fst=1675040400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmpalma.com%2F&tiba=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3705933505&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/736688956/?random=1675043530074&cv=11&fst=1675040400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmpalma.com%2F&tiba=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3705933505&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/736688956/?random=1675043530074&cv=11&fst=1675040400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmpalma.com%2F&tiba=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3705933505&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 01:52:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prism.app-us1.com/?a=26530340&u=https%3A%2F%2Fmpalma.com%2F
200 OK 632 B URL HTTP/2 prism.app-us1.com/?a=26530340&u=https%3A%2F%2Fmpalma.com%2F
IP
Hash e50931f5d59d3f9558de6b3a1bc3ed39
7eccbd2ef3012a930c6026182ebaf79733244cd7
2512ad47182b34dd5470a076d34cec0a66057e0f9272f9fffe7d0532de18b614
GET /?a=26530340&u=https%3A%2F%2Fmpalma.com%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:00 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_26530340=b95a0c92-804c-4bcb-a8b8-0880e58de7ec; expires=Wed, 01-Mar-2023 01:52:00 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 46
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791690d2ec0fb4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=26530340&prismid=b95a0c92-804c-4bcb-a8b8-0880e58de7ec&url=https%3A%2F%2Fmpalma.com%2F
200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=26530340&prismid=b95a0c92-804c-4bcb-a8b8-0880e58de7ec&url=https%3A%2F%2Fmpalma.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=26530340&prismid=b95a0c92-804c-4bcb-a8b8-0880e58de7ec&url=https%3A%2F%2Fmpalma.com%2F HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:00 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-envoy-upstream-service-time: 9
x-powered-by: PHP/8.1.14
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791690d46c17b51d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2aeb375d07c6797557862a1e95e25902
8d9a4232f162756acee686c8bc130f96b9800889
80b36ee610a970ba64d36a42cfb9ee93f44c1eea03b7da2257f5a85e68055bf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-V3BTHVJ929>m=2oe1p0&_p=868158130&cid=1699781861.1675043530&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675043530&sct=1&seg=0&dl=https%3A%2F%2Fmpalma.com%2F&dt=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-V3BTHVJ929>m=2oe1p0&_p=868158130&cid=1699781861.1675043530&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675043530&sct=1&seg=0&dl=https%3A%2F%2Fmpalma.com%2F&dt=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-V3BTHVJ929>m=2oe1p0&_p=868158130&cid=1699781861.1675043530&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675043530&sct=1&seg=0&dl=https%3A%2F%2Fmpalma.com%2F&dt=CPA%20%7C%20Accountant%20%7C%20Tax%20Planning%20%7C%20Bookkeeping%20%7C%20Palma%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mpalma.com
date: Mon, 30 Jan 2023 01:52:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/736688956/wcm?cc=ZZ&dn=8508293733&cl=Jdp2CJu3q6MBELz2o98C&ct_eid=2
302 Found 0 B URL HTTP/2 www.googleadservices.com/pagead/conversion/736688956/wcm?cc=ZZ&dn=8508293733&cl=Jdp2CJu3q6MBELz2o98C&ct_eid=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/conversion/736688956/wcm?cc=ZZ&dn=8508293733&cl=Jdp2CJu3q6MBELz2o98C&ct_eid=2 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://www.google.no/pagead/attribution/wcm?cc=ZZ&dn=8508293733&cl=Jdp2CJu3q6MBELz2o98C
access-control-allow-origin: https://mpalma.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 01:52:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 273837
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3cdf7a37df5fd660125c11f6c7f44064
929c5ec370ad00ff0508f86174d450407ac680bd
22ffbbc922da324c956478cfd8cb5bcc269831ac5c85e22ef6ecdd69e3512a7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 01:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mpalma.com/wp-content/uploads/2022/09/GMT20220823-165619_Recording_1920x1080.mp4?_=1
206 Partial Content 35 kB URL HTTP/2 mpalma.com/wp-content/uploads/2022/09/GMT20220823-165619_Recording_1920x1080.mp4?_=1
IP
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Hash 4aa19f8fce7b31b883c40180feccb0ad
cb51c7472b4ff98e45dcb04d8d5c1f6032a7a4a7
16b07b54d002a9b648499e2130b222a965ccbbdc2d15db656c2ed1ae8bd5511c
GET /wp-content/uploads/2022/09/GMT20220823-165619_Recording_1920x1080.mp4?_=1 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mpalma.com/
Cookie: _gcl_au=1.1.299390527.1675043530; _ga_V3BTHVJ929=GS1.1.1675043530.1.0.1675043530.0.0.0; _ga=GA1.1.1699781861.1675043530
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 30 Jan 2023 01:52:00 GMT
content-type: video/mp4
content-length: 231408451
last-modified: Fri, 30 Sep 2022 07:20:29 GMT
etag: "633698bd-dcb0343"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
content-range: bytes 0-231408450/231408451
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=704324777514937&ev=PageView&dl=https%3A%2F%2Fmpalma.com%2F&rl=&if=false&ts=1675043530932&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675043530930.82970016&it=1675043530333&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=704324777514937&ev=PageView&dl=https%3A%2F%2Fmpalma.com%2F&rl=&if=false&ts=1675043530932&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675043530930.82970016&it=1675043530333&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=704324777514937&ev=PageView&dl=https%3A%2F%2Fmpalma.com%2F&rl=&if=false&ts=1675043530932&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675043530930.82970016&it=1675043530333&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 01:52:01 GMT
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
200 OK 30 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
IP
File type ASCII text, with very long lines (65472)
Hash 6b7bb377c6299b2e9204e97f451da030
ea063c4dd11a9bcbe1f3089cba81309c71dea079
4830f69659e88a98090e7ce636ea427e6a10a47621e6c1bf32116c8b8cf746fc
GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:01 GMT
content-type: application/javascript
age: 36
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690daedc4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
200 OK 2.3 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
IP
File type ASCII text, with very long lines (2306), with no line terminators
Hash 6fb82818cbab7a030622dd64255f5324
94d1997b699d7cbe7f03e43dcef3117d66aca1c4
97b2d3f1c11e78e7671a6201164dbc66303bc8aaa19771a404e68ea0f82d77c2
GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:01 GMT
content-type: application/javascript
age: 36
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690daedcdb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/css/bubble-widget.css
200 OK 59 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/css/bubble-widget.css
IP
File type ASCII text, with very long lines (13521), with no line terminators
Hash 718c9dddcf7ae916c87bb083bcf383bf
840c6b2b6bb82ed5a60bc321d019f1dd3bf7c7f1
0177d646317c74d9181df10f8965fee347621edcbcbc3be12e3f10f5cc0a35c3
GET /_s/v4/app/63b77dcd282/css/bubble-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=13594
access-control-allow-origin: *
age: 1700830
etag: W/"ce7913b80c763449b3895d46419f7a6b"
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690dfafc0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
va.tawk.to/v1/session/start
200 OK 3.1 kB URL HTTP/2 va.tawk.to/v1/session/start
IP
File type JSON data\012- , ASCII text, with very long lines (1047), with no line terminators
Hash b4bf396b7cd153fe3e5195bb0a79c650
6116a4c7adea935727b216f7594e03dab6c121d1
c96045925c448cd7fb548c452f3b265ee9f92d078ce6cf46130eef2971b078cf
POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mpalma.com/
Content-Type: application/json; charset=utf-8
Origin: https://mpalma.com
Content-Length: 172
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-crtz
access-control-allow-origin: https://mpalma.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690dcfe92b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 16 Nov 2022 08:24:04 GMT
etag: W/"63749e24-459f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.4
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 22 Dec 2022 10:43:41 GMT
etag: W/"63a434dd-53f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:01 GMT
content-type: application/javascript
age: 36
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690daedc3b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-content/et-cache/8/et-core-unified-tb-40-tb-48-deferred-8.min.css?ver=1674600312
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/et-cache/8/et-core-unified-tb-40-tb-48-deferred-8.min.css?ver=1674600312
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/8/et-core-unified-tb-40-tb-48-deferred-8.min.css?ver=1674600312 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 24 Jan 2023 22:45:12 GMT
etag: W/"63d05f78-3930"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1666034849
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1666034849
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1666034849 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 17 Oct 2022 19:27:29 GMT
etag: W/"634daca1-39b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-4a7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 16 Nov 2022 08:24:04 GMT
etag: W/"63749e24-27f6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.9
IP
GET /wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-f14"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 16 Nov 2022 08:24:04 GMT
etag: W/"63749e24-26935"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-194b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.9
IP
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-6d9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi/style-static.min.css?ver=4.19.4
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/themes/Divi/style-static.min.css?ver=4.19.4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/style-static.min.css?ver=4.19.4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 22 Dec 2022 10:43:41 GMT
etag: W/"63a434dd-c9550"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
va.tawk.to/log-performance/v3
200 OK 0 B URL HTTP/2 va.tawk.to/log-performance/v3
IP
OPTIONS /log-performance/v3 HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mpalma.com/
Origin: https://mpalma.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:03 GMT
x-served-by: visitor-application-preemptive-c883
access-control-allow-origin: https://mpalma.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690e2f919b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/genesis-blocks/dist/style-blocks.build.css?ver=1666034849
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/genesis-blocks/dist/style-blocks.build.css?ver=1666034849
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/genesis-blocks/dist/style-blocks.build.css?ver=1666034849 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 17 Oct 2022 19:27:29 GMT
etag: W/"634daca1-b1a9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/pum/pum-site-styles.css?generated=1670181251&ver=1.17.1
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/uploads/pum/pum-site-styles.css?generated=1670181251&ver=1.17.1
IP
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1670181251&ver=1.17.1 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 04 Dec 2022 19:14:11 GMT
etag: W/"638cf183-4600"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:01 GMT
content-type: application/javascript
age: 36
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"385105148a50079bafff97e9c9476109"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690daedcab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
etag: W/"60083196-38a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.4
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.19.4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 22 Dec 2022 10:43:41 GMT
etag: W/"63a434dd-42f69"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
age: 1700831
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690df0f5fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-726e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-777e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"09c3819d373bd4178a620d721429fada"
age: 1700830
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690df0f60b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: W/"5cfaccce-105a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"5f735862-1940"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"058710526a0979b9e77a4babe9adfcd7"
age: 1700831
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690df0f5bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0.4
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0.4
IP
GET /wp-content/plugins/tablepress/css/build/default.css?ver=2.0.4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Jan 2023 20:13:15 GMT
etag: W/"63c9a45b-17b4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-b83f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/2021/11/Palma-Homepage-Video.mp4
206 Partial Content 0 B URL HTTP/2 mpalma.com/wp-content/uploads/2021/11/Palma-Homepage-Video.mp4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/11/Palma-Homepage-Video.mp4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: video/mp4
content-length: 4621745
last-modified: Thu, 26 May 2022 10:38:09 GMT
etag: "628f5891-4685b1"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
content-range: bytes 0-4621744/4621745
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 0 B URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: V/14P+aPEwEJy+bW+H+cE4dJ/V+1DGlRDKhlGAHCO9nbR5VeryghGMNBsJY0c7vdFhv4SwWlJkSpkQrTl5DKdA==
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 01:52:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic&subset=latin,latin-ext&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic&subset=latin,latin-ext&display=swap
IP
GET /css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic&subset=latin,latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 01:51:59 GMT
date: Mon, 30 Jan 2023 01:51:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mpalma.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1670181251&ver=1.17.1
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1670181251&ver=1.17.1
IP
GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1670181251&ver=1.17.1 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 04 Dec 2022 19:14:11 GMT
etag: W/"638cf183-110dc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-121f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/et-cache/8/et-core-unified-tb-40-tb-48-8.min.css?ver=1674600312
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/et-cache/8/et-core-unified-tb-40-tb-48-8.min.css?ver=1674600312
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/8/et-core-unified-tb-40-tb-48-8.min.css?ver=1674600312 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 24 Jan 2023 22:45:12 GMT
etag: W/"63d05f78-b52"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/et-cache/8/et-core-unified-8.min.css?ver=1674600312
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/et-cache/8/et-core-unified-8.min.css?ver=1674600312
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/8/et-core-unified-8.min.css?ver=1674600312 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 24 Jan 2023 22:45:12 GMT
etag: W/"63d05f78-3ff0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2
IP
GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Dec 2022 21:15:39 GMT
etag: W/"6393a57b-591"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP
GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-1f2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.19.4
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.19.4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.19.4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 22 Dec 2022 10:43:41 GMT
etag: W/"63a434dd-2466"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/includes/addon/css/gaddon_settings.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/includes/addon/css/gaddon_settings.min.css?ver=2.6.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/includes/addon/css/gaddon_settings.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-15dd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.9
IP
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-ad4d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/63cb265547425128790ed591/1gn8orffa
200 OK 0 B URL HTTP/2 embed.tawk.to/63cb265547425128790ed591/1gn8orffa
IP
GET /63cb265547425128790ed591/1gn8orffa HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 59
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690cf78c7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"a92075fd9ac5ba130387a80453676099"
age: 1700831
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690df0f62b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"b931365947ecaea657544f82994716af"
age: 938843
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690df0f64b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100
IP
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 01:51:59 GMT
date: Mon, 30 Jan 2023 01:51:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-132e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.9
IP
GET /wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-104c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-2015"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:01 GMT
content-type: application/javascript
age: 36
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690daedc9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"d9f3d1c4504d77c3e7c2e3e2f126fd9b"
age: 1700830
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690df0f5eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/cool-timeline/includes/cool-timeline-block/dist/blocks.style.build.css
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/cool-timeline/includes/cool-timeline-block/dist/blocks.style.build.css
IP
GET /wp-content/plugins/cool-timeline/includes/cool-timeline-block/dist/blocks.style.build.css HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 11 Jan 2023 21:50:58 GMT
etag: W/"63bf2f42-690f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2
IP
GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Dec 2022 21:15:39 GMT
etag: W/"6393a57b-e4b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 16 Nov 2022 08:24:04 GMT
etag: W/"63749e24-53c0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/themes/Divi_Child/style.css?ver=4.19.4
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/themes/Divi_Child/style.css?ver=4.19.4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi_Child/style.css?ver=4.19.4 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 26 May 2022 10:38:12 GMT
etag: W/"628f5894-1366"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js
IP
GET /_s/v4/app/63b77dcd282/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:01 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"585ba00b2c167b90c210161454f843b5"
age: 1700830
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690dc0e40b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"2aa8e4d8fcf9760a324a8b2e7902f6ca"
age: 1700830
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690deff59b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
IP
GET /_s/v4/app/63b77dcd282/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mpalma.com
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 01:52:01 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
age: 36
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791690dafdceb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 16 Nov 2022 08:24:04 GMT
etag: W/"63749e24-15e54"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-72c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"5f735862-2bf8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.9
200 OK 0 B URL HTTP/2 mpalma.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.9
IP
GET /wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.9 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 12 Jan 2023 06:36:10 GMT
etag: W/"63bfaa5a-12fe5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
mpalma.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
200 OK 0 B URL HTTP/2 mpalma.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664 HTTP/1.1
Host: mpalma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mpalma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 01:51:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-9cc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
44.209.189.217
104.17.145.91
23.36.76.226
157.240.205.35
93.184.220.29
188.114.98.234