Report - stpaulfirefoundation.org/vnm/vb/login.php

Report Overview

Submitted URL
stpaulfirefoundation.org/vnm/vb/login.php
IP
198.71.190.156
ASN
#398101 GO-DADDY-COM-LLC
Submitted
2022-09-25 01:46:10
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img1.wsimg.com	9893	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	888 B	23.36.79.16
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	70 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	760 B	22 kB	142.250.74.174
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	518 B	746 B	216.58.211.10
stpaulfirefoundation.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	2.1 MB	198.71.190.156
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.24
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.46.140
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	46 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
events.api.secureserver.net	125179	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	948 B	104.84.152.186
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
img6.wsimg.com	15438	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	819 B	20 kB	23.36.79.16
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	43 kB	172.217.21.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-25	medium	stpaulfirefoundation.org/vnm/vb/login.php	Phishing
2022-09-25	medium	stpaulfirefoundation.org/vnm/vb/login.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	stpaulfirefoundation.org/	2.2 kB	2023-03-08	2023-03-08
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-08 01:52:59 Times Seen1 Hash bd977b7e9b5c4769f79b73453dfbb156 3fec97844cfae3d2f7fc7e32dd2de5a016bb8188 5956ebc38714aa5399f56396f2a920116320f0d0856041e7915a25f289f1394d Loading...

	stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10	6.2 kB	2023-03-07	2024-04-18
Pretty URL stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-18 15:46:17 Times Seen824 Hash b739d72c47c93702aef206eb58857289 fdc2a712672c64f317df41073aec28d7b01a5e6e dcbe862273a5d7cb61ffaa1eda7e0a1ecb466ca5e08a592fae3e6d1824960293 Loading...

	stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-19
Pretty URL stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 10:16:10 Times Seen31744 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-19
Pretty URL stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 12:23:33 Times Seen37994 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	stpaulfirefoundation.org/	379 B	2023-03-08	2023-03-26
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-26 11:32:20 Times Seen2 Hash dc836f2f77b2dac527368174f8a06945 a98d942b1594235639bbce08fb916f3787a99538 eb1c4f1dc143f360fd7418a7de5ca3894e0872795d12934b87523873ad18ae83 Loading...

	stpaulfirefoundation.org/	215 B	2023-03-07	2024-04-19
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 01:58:19 Times Seen2227 Hash 1bb7b821b587959d4c0cc406c49077ff 2cb4827d5cd5a05729418b369019b9c1eb0798ed 1f93a5f6091369b8b6cdb7be01a6c7044ec8c3af0eeac05a5f0dfb3aea2a3e31 Loading...

	stpaulfirefoundation.org/	727 B	2023-03-08	2023-03-26
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-26 11:32:20 Times Seen2 Hash 688060ee85d81ff9dec46299301ab3f8 71e82aa0dc61edfb62060b6a73d874b45e44b9ae d27bed01ff59d22e3f730ecf21d130bc14a405ca001f9316044bbdbf2db033ac Loading...

	stpaulfirefoundation.org/	5.6 kB	2023-03-08	2023-03-26
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-26 11:32:20 Times Seen2 Hash de294c61ee512000e7493c1711979cde f09bfade5231e48f1b0896b365747647e1d599fc 49d6d6a7179b624463a7d9e1e39ef8d0f902e903df553bdf3ef8626bcb285624 Loading...

	stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 13:36:01 Times Seen68495 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1	16 kB	2023-03-07	2024-04-18
Pretty URL stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-18 15:46:48 Times Seen1174 Hash 78f792b41dfe4097675e09e805529455 57cc1e04e0235d54bc197945b9d0f167d9454244 ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143 Loading...

	stpaulfirefoundation.org/	509 B	2023-03-08	2023-03-08
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-08 00:46:56 Times Seen1 Hash c9f7091215cf01cbbc7e0a69348b6cd1 63318ad17ae79d5c97d2e35b2ed9c711d4eb290c 270429ffefb9109af1a01f74568bdb646d7387116108f261f033a90b4b27640f Loading...

	www.googletagmanager.com/gtag/js?id=UA-153487811-14	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-153487811-14 IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:46:56 Last Seen2023-03-08 00:46:56 Times Seen1 Hash e69766767543b9183214d1396db33f98 707e788d7df795de56ba4d470a38226d11f77cbe 1ab0967f2a389f3be6219e56c5cda5d760dc05f746e16f7ce753f2d4a4fcc112 Loading...

	img1.wsimg.com/traffic-assets/js/tccl-tti.min.js	25 kB	2023-03-07	2024-02-02
Pretty URL img1.wsimg.com/traffic-assets/js/tccl-tti.min.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-02-02 18:24:37 Times Seen8238 Hash ce554d2333f3801abafb32da18213ff7 ef2b32494849244d9b9d8c23178e082cec9eab7f 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312 Loading...

	stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2	12 kB	2023-03-07	2024-04-18
Pretty URL stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:48 Last Seen2024-04-18 02:50:18 Times Seen5597 Hash a76f61318af036823b08d73536486be6 31ff9b215dcef9151b9f4fc50ea91a9df1962102 abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Loading...

	stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1	160 kB	2023-03-07	2024-03-21
Pretty URL stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:31 Last Seen2024-03-21 14:43:11 Times Seen107 Hash 9da4dc3cac95cbcfdcea35bc1f9b916e ab1be13f2b56bd6c3960543e6d79eddc456e13f7 4c2679ba71cd1e1cde5921cc43c8ffbaa524a86a907dd46c08e3b2d394511c49 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	www.google-analytics.com/plugins/ua/linkid.js	1.6 kB	2023-03-07	2024-04-15
Pretty URL www.google-analytics.com/plugins/ua/linkid.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-15 19:01:06 Times Seen1974 Hash 0cc3a63fe10060af4a349e5df666eefe 3e8d3925b550345123f2cab26568221fd4154f9c 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Loading...

	stpaulfirefoundation.org/	102 B	2023-03-07	2024-04-19
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-19 11:02:50 Times Seen6714 Hash 336b4b067dcb50351d5e2d7c92cf1631 9709109f27eaad0c5a1e50facc142f8f197a11b6 ef2f7f28db32250196ae2c8242611a7f7159c2a539dabd40b82071b1c07561c6 Loading...

	stpaulfirefoundation.org/	369 B	2023-03-07	2024-04-18
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-18 15:46:15 Times Seen695 Hash 199d3f2d880a45cb76f4d355f5edf5ed e7a478ac7c81b36e22894fd2be69085c6dba81d8 38db327084e1b800d3f263fe22995a999545eb07b01fa350bc2453f940fa8795 Loading...

	stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-04-19
Pretty URL stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-19 11:30:25 Times Seen27360 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	stpaulfirefoundation.org/	589 B	2023-03-07	2024-04-18
Pretty URL stpaulfirefoundation.org/ IP 198.71.190.156 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-04-18 13:38:36 Times Seen339 Hash 3a9846d5452eae5ba3ea77211d93d43e 0865571280ff437d40eacc8b0a2beeefdaaa4db9 107b854fc832809a763ca32c4e379f3da6a9a96fce0152e377972bc5905cb70c Loading...

	img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js	46 kB	2023-03-07	2023-10-15
Pretty URL img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2023-10-15 17:43:59 Times Seen9 Hash 362d20193a8fed115f99b16a157b7fc4 011964518b319a5aa479bf5c38bb8e15dd56138e 6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7 Loading...

HTTP Transactions (66)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 01:14:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DBpeqQ8rhbPI2ijbyNkTshf9N6zYzYEKYazvIsJrb3Aj5dxNb2ATYQ==
Age: 1877

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6168
Expires: Sun, 25 Sep 2022 03:28:47 GMT
Date: Sun, 25 Sep 2022 01:45:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bVn_7nY-A8qg9f2B6M7bd0NW05g0YSL--OIvV7U3sOsUfRrhOC0Uuw==
age: 76245
X-Firefox-Spdy: h2

stpaulfirefoundation.org/vnm/vb/login.php

198.71.190.156

301 Moved Permanently

212 B

URL HTTP/1.1
stpaulfirefoundation.org/vnm/vb/login.php
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
212 B (212 bytes)
Hash
b79890f627e67a03e47c4fc78964ed14
c6b9c4d77e80dc4f0711e6576d29f3eb6d4845e9
2108677fba247a71a96f97fc361621f77edb91f61c8f5d442cf3ec68a33e2fa7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vnm/vb/login.php HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Age: 9181
Content-Encoding: gzip
Content-Length: 212
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 24 Sep 2022 23:12:57 GMT
Location: https://stpaulfirefoundation.org/vnm/vb/login.php
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 01:45:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 01:04:17 GMT
Expires: Sun, 25 Sep 2022 01:04:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -0315mk6iQTYUNe6xOYN0QFyNLoDSC2Ti48cFWmW7zOKqf9TIKrWTA==
Age: 2502

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
5d84a37dce645dc76480fcac4f7e4dda
023fdb98a5878e85e576f21fa29d6aee9b0fad7b
a1090ef46ea2a9682f838d0b7039f3065a230e314a968e8245c85f565769ec9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 25 Sep 2022 01:45:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 24 Sep 2022 23:55:19 GMT
Expires: Sun, 25 Sep 2022 23:55:19 GMT
ETag: "023fdb98a5878e85e576f21fa29d6aee9b0fad7b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5033
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:45:59 GMT
Last-Modified: Sun, 25 Sep 2022 00:22:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

stpaulfirefoundation.org/vnm/vb/login.php

198.71.190.156

301 Moved Permanently

0 B

URL HTTP/2
stpaulfirefoundation.org/vnm/vb/login.php
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vnm/vb/login.php HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: openresty
date: Sun, 25 Sep 2022 01:45:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
age: 30734
cache-control: no-cache, must-revalidate, max-age=0
content-security-policy: upgrade-insecure-requests
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://stpaulfirefoundation.org
strict-transport-security: max-age=300
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/

198.71.190.156

200 OK

22 kB

URL HTTP/2
stpaulfirefoundation.org/
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
22 kB (22054 bytes)
Hash
88dc31b1adcb7feb51b610d8c1d37322
a47d8925f201e1c0bb7bf5d15366f6425328ed20
66d731599fcbceabb67616ffbe70ea5989c4741caa98766e609afc2d84867b90

HTTP Headers

GET / HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:45:59 GMT
content-type: text/html; charset=UTF-8
content-length: 22054
accept-ranges: bytes
age: 31967
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.43.46.140

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.46.140:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5rfype1hyuVQkD1Dqw0dNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TG5J4kIQAxAYxMmMKezKCUVvQe0=

img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

23.36.79.16

302 Found

0 B

URL HTTP/2
img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Sun, 25 Sep 2022 02:16:00 GMT
date: Sun, 25 Sep 2022 01:46:00 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

23.36.79.16

302 Found

0 B

URL HTTP/2
img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl-tti.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
cache-control: max-age=1800
expires: Sun, 25 Sep 2022 02:16:00 GMT
date: Sun, 25 Sep 2022 01:46:00 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img1.wsimg.com/traffic-assets/js/tccl.min.js

23.36.79.16

302 Found

0 B

URL HTTP/2
img1.wsimg.com/traffic-assets/js/tccl.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stpaulfirefoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Sun, 25 Sep 2022 02:16:00 GMT
date: Sun, 25 Sep 2022 01:46:00 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

23.36.79.16

200 OK

11 kB

URL HTTP/2
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (45500)
Size
11 kB (11155 bytes)
Hash
1ac00b5d5abfa64175a140de3f29a8e2
c07c5611cfff3ec4c7034134e4148f177242908c
65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378

HTTP Headers

GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stpaulfirefoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
x-edgeconnect-midmile-rtt: 15, 15
x-edgeconnect-origin-mex-latency: 135, 135
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Sun, 25 Sep 2022 01:46:00 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

23.36.79.16

200 OK

7.5 kB

URL HTTP/2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (24676)
Size
7.5 kB (7498 bytes)
Hash
b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492

HTTP Headers

GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stpaulfirefoundation.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Mon, 17 Jan 2022 17:21:37 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 357
x-amz-id-2: nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
x-amz-request-id: RJ3J3PMANG6125DE
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Sun, 25 Sep 2022 01:46:00 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-153487811-14

172.217.21.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-153487811-14
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42239 bytes)
Hash
8075b0482f56ebc4665d6812c5f9adbc
37c4770f997fa3440e4cd08b4d0306908b86b1eb
9c40d9845ad69eabe4544f1fad4edb6600e4d614ef44990eac6cd143270818d0

HTTP Headers

GET /gtag/js?id=UA-153487811-14 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 01:46:00 GMT
expires: Sun, 25 Sep 2022 01:46:00 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

198.71.190.156

200 OK

12 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (43771)
Size
12 kB (11681 bytes)
Hash
e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: text/css
content-length: 11681
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "15b64-5e90562bcb421-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.10

198.71.190.156

200 OK

564 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.10
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1682), with no line terminators
Size
564 B (564 bytes)
Hash
6205092ad27790a14eed0ea9cf67d3d9
60940a311152a9f199bfba9a30b3aa2a96adb574
faafc2df9989625a6a3a1af4a3f31eef0f33f5c496e43278e14ea30a08403ac7

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.10 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: text/css
content-length: 564
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "692-5e8cd5d744b62-gzip"
last-modified: Fri, 16 Sep 2022 15:53:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome-child/style.css?ver=3.0

198.71.190.156

200 OK

211 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome-child/style.css?ver=3.0
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
211 B (211 bytes)
Hash
cf04568241f593ca0756d8cc3eca79a1
d4a11a9168b686e936267bbb2a13a20d78768832
5d00bfafd7eaf2282efb87bf13ec66f5840cfd9bf968a331d3bb3d31e73673b7

HTTP Headers

GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: text/css
content-length: 211
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "12f-5a40ae8f8a27c-gzip"
last-modified: Fri, 24 Apr 2020 15:20:48 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12

198.71.190.156

200 OK

161 B

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (327)
Size
161 B (161 bytes)
Hash
b99e67fe7419c667a1d0236a1823a1f6
6e8bf1cbcac35ea75637be52099b2de73dba7c7d
38be94774abf0e8cfe78738ff13d9c6323f92fc4df3acbb6423a8d44f64a66b7

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: text/css
content-length: 161
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "148-5b6ad540897c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1

198.71.190.156

200 OK

31 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31417 bytes)
Hash
8c9649b6fcda19aa25072ac4f02fb351
39958c209853396f76486ed5c441954d8e077f04
7c99d0b83c76494686a0cdbefbfc9f0b869e51a325c7e3ea2f9b805ddca37599

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: text/css
content-length: 31417
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2a3e5-5b6ad540897c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2

198.71.190.156

200 OK

3.2 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1577)
Size
3.2 kB (3246 bytes)
Hash
c34cd9056898ce3e7925aadfcccde46a
9ce2c46a7477b6da5dd635e5692d260ee02b7415
0bfed6a25c6d1ef5549ef4fc25cee8a871fdd6b85235bf61e2eb2830dbbc1294

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 3246
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2e7a-5e8cd5d435403-gzip"
last-modified: Fri, 16 Sep 2022 15:53:34 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

198.71.190.156

200 OK

31 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65447)
Size
31 kB (30908 bytes)
Hash
9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 30908
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "15db1-5e90562c64d36;5a240e4da4f7b
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

198.71.190.156

200 OK

4.2 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 4169
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2bd8-5e90562c639ae-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1

198.71.190.156

200 OK

5.1 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (12801)
Size
5.1 kB (5106 bytes)
Hash
c6f36881e478d749d49956a0ac121d1e
515be595d70805e7f9a3099c75fa40e9c9edc131
5ced2bca148339c2dfd7efb910eca401b02734bada4b12060cd129b2b1afa034

HTTP Headers

GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.1 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 5106
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "3e04-5b6ad5482a9c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:47 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2

198.71.190.156

200 OK

706 B

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (1464)
Size
706 B (706 bytes)
Hash
e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 706
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "5db-5e90562c318e2-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

198.71.190.156

200 OK

5.0 kB

URL HTTP/2
stpaulfirefoundation.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 5009
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "48b9-5e90562c76a60-gzip"
last-modified: Mon, 19 Sep 2022 10:43:44 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10

198.71.190.156

200 OK

2.6 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (6210), with no line terminators
Size
2.6 kB (2559 bytes)
Hash
dfcc74301f163fabd32e3256b91ba54e
3e861de3c9a7d5638eb7da2274f50274cde6cc0c
0611e07de6e96239da5373ee60ec187406e535614413b431c823fa3c21ecf8d7

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 2559
accept-ranges: bytes
age: 25140
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "1842-5e8cd5d742c22-gzip"
last-modified: Fri, 16 Sep 2022 15:53:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1

198.71.190.156

200 OK

45 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (21487)
Size
45 kB (45240 bytes)
Hash
395bb0dbbc1d7edc8833ff1b386b6d5a
1234aedc5ab1fd23bbf1a32fb45a702a5834e285
951f4154cf420de2f02c44356dcf6d3bdb6e40b6b6f30d1e34cd79b0008ed4cb

HTTP Headers

GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: application/javascript
content-length: 45240
accept-ranges: bytes
age: 25141
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "26f11-5b6ad540897c0-gzip"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-red.png

198.71.190.156

200 OK

30 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-red.png
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 1438 x 773, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30073 bytes)
Hash
fba114f39f7e6b81d7fb080394ec30e3
cc6971991578001246603f18b4009ecb835de0b6
0414bf36c32f4cc7872dc452c07b13d85d1fed04dd1138f522411d4bce53e2bb

HTTP Headers

GET /wp-content/uploads/2020/11/spff-logo-initials-notagline-red.png HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: image/png
content-length: 30073
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "7579-5b51bee75df40"
last-modified: Fri, 27 Nov 2020 19:47:33 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-white.png

198.71.190.156

200 OK

29 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/spff-logo-initials-notagline-white.png
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 1438 x 773, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (29262 bytes)
Hash
e66d9a3c6015b356d4f9d9fd73557083
6c43dc7c4db383af14319ef4ee4c35fa53559992
ad6274c1cca57acb53b9117a12a97119eb371b37ad00125d3f351f5d6e5507cd

HTTP Headers

GET /wp-content/uploads/2020/11/spff-logo-initials-notagline-white.png HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: image/png
content-length: 29262
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "724e-5b51b8c786c40"
last-modified: Fri, 27 Nov 2020 19:20:09 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:46:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:46:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:53:39 GMT
expires: Tue, 19 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 456742
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:40:23 GMT
expires: Thu, 21 Sep 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 281138
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2

142.250.74.163

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10444, version 1.0\012- data
Size
10 kB (10444 bytes)
Hash
35b05af911a7a688519ba464dfc04bc5
fcd385af42e89d0a72d676efce05c79086407e14
8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d

HTTP Headers

GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 16:33:34 GMT
expires: Mon, 18 Sep 2023 16:33:34 GMT
cache-control: public, max-age=31536000
age: 551547
last-modified: Wed, 27 Apr 2022 15:44:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 01:46:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stpaulfirefoundation.org/wp-content/uploads/2021/12/Thomson-Reuters-Awards-10000-to-Support-First-Responders-to-Pandemic-3-1536x864.png

198.71.190.156

200 OK

1.1 MB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2021/12/Thomson-Reuters-Awards-10000-to-Support-First-Responders-to-Pandemic-3-1536x864.png
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 1536 x 864, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 MB (1055538 bytes)
Hash
ac8642a2330f858de19e0d667d836ffe
19708772378dc01e567c5716806add324508e151
a6cdc8c89ef4bb13ca471b408d8217aa3c6e00af553ab20656b4c4c448a527ee

HTTP Headers

GET /wp-content/uploads/2021/12/Thomson-Reuters-Awards-10000-to-Support-First-Responders-to-Pandemic-3-1536x864.png HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:00 GMT
content-type: image/png
content-length: 1055538
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "101b32-5d33690c1e097"
last-modified: Wed, 15 Dec 2021 22:09:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2021/08/sly-dizzle-cE6SpYTfqqg-unsplash-1024x768.jpg

198.71.190.156

200 OK

143 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2021/08/sly-dizzle-cE6SpYTfqqg-unsplash-1024x768.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1024x768, components 3\012- data
Size
143 kB (143123 bytes)
Hash
e57c67f9e6b458b32f377d47225bcf2d
e05232b06d4dfb0ebe08665e20ed76431b35e060
3398a0078b62d74430d3eb0b3a1cd213949697563a504527d876e356320b16b9

HTTP Headers

GET /wp-content/uploads/2021/08/sly-dizzle-cE6SpYTfqqg-unsplash-1024x768.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: image/jpeg
content-length: 143123
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "22f13-5ca509bb6e577"
last-modified: Tue, 24 Aug 2021 16:27:22 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2

198.71.190.156

200 OK

6.5 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
Web Open Font Format (Version 2), TrueType, length 6536, version 1.0\012- data
Size
6.5 kB (6536 bytes)
Hash
21c4c69602dadee988f10c502b44d1c1
7d28ed1775492300f859296ef85ce371c26a6ff3
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: font/woff2
content-length: 6536
accept-ranges: bytes
access-control-allow-origin: *
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "1988-5b6ad540897c0"
last-modified: Thu, 17 Dec 2020 18:40:39 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-hero-blog.jpg

198.71.190.156

200 OK

144 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-hero-blog.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 872x872, components 3\012- data
Size
144 kB (143735 bytes)
Hash
a69876133da3bcda08c4e8359e3b8680
f202dc28e6fc7ab1df0381215cbd573acf684195
d64ecc0e5fce81c220b5ce38485f22724cfa36a745e23cc8bed90357344a42e1

HTTP Headers

GET /wp-content/uploads/2020/12/spff-hero-blog.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=9a990bd7-e9be-5906-87fb-6478e103eca2; _tccl_visit=9a990bd7-e9be-5906-87fb-6478e103eca2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: image/jpeg
content-length: 143735
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "23177-5b635c5867ac0"
last-modified: Fri, 11 Dec 2020 20:02:27 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-cancer.jpg

198.71.190.156

200 OK

258 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-cancer.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 872x872, components 3\012- data
Size
258 kB (257467 bytes)
Hash
2ab8b8a2b916cc451d1fddc9859f9a75
d558435e75996992d76762db0f28626565ec5e49
190fd976d8c3682425d05dfd67872efb575ec0eb29586b71ad0c91c80c2cc358

HTTP Headers

GET /wp-content/uploads/2020/12/spff-whatwedo-cancer.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=9a990bd7-e9be-5906-87fb-6478e103eca2; _tccl_visit=9a990bd7-e9be-5906-87fb-6478e103eca2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: image/jpeg
content-length: 257467
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "3edbb-5b635c0940000"
last-modified: Fri, 11 Dec 2020 20:01:04 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16799
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 01:46:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16799
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 01:46:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16799
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 01:46:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7757 bytes)
Hash
9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 08:16:28 GMT
age: 62973
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8715 bytes)
Hash
a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:18:25 GMT
age: 66456
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 14922
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5305 bytes)
Hash
9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JgS9UxuYxMmnN6Op-LDeWN7tpeQYRosQp5Jo4-2jf8uEMUIHa6j-SQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 03:45:32 GMT
age: 79229
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7642 bytes)
Hash
00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gc7lA-XfgIAhotpUdrOaihuA2nbdMY2zNiJSHZpSN3yKPaT-k93auQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:07:29 GMT
age: 67112
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12552 bytes)
Hash
e8a0d2b8beddf9f866a2bfe96ac21c2e
dfe5c93dc1637162a0b6ac174dcd7107af80763a
0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12552
x-amzn-requestid: 71161d44-4c3a-459e-bf76-5bf3deafcafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YlYTrHz0oAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63253a7d-39dd0e2a7045128024086375;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 03:09:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EGtjExnYcmDEP9a540mHhZ7EjGlvLIDLK65Phs9MsAVdEpwNI4avTQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 14936
etag: "dfe5c93dc1637162a0b6ac174dcd7107af80763a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-emotionaltrauma.jpg

198.71.190.156

200 OK

134 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/12/spff-whatwedo-emotionaltrauma.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 872x872, components 3\012- data
Size
134 kB (133629 bytes)
Hash
3ff2139437624f93e7bdf4aa9e2e96c3
3ab9595d8af781d4c7664ba99dff5f610a0b2c8f
f9184c8703fe37b3c6623aa0f91b67e70bf0ac390658434eab95a3918acd2c50

HTTP Headers

GET /wp-content/uploads/2020/12/spff-whatwedo-emotionaltrauma.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=9a990bd7-e9be-5906-87fb-6478e103eca2; _tccl_visit=9a990bd7-e9be-5906-87fb-6478e103eca2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: image/jpeg
content-length: 133629
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "209fd-5b635c23f3f00"
last-modified: Fri, 11 Dec 2020 20:01:32 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/08/stpaul-firewire-051720-1024x647.jpg

198.71.190.156

200 OK

114 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/08/stpaul-firewire-051720-1024x647.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2], baseline, precision 8, 1024x647, components 3\012- data
Size
114 kB (114376 bytes)
Hash
fb4932326a80394fe4cfe9319f17a4cc
b82f2bd1318bead9b3f6fa3055a9295b97f46eb3
7189f0d44cb6248ce1361472056a436c36c1b48bff4a4f665c29bafc5f1a3102

HTTP Headers

GET /wp-content/uploads/2020/08/stpaul-firewire-051720-1024x647.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=9a990bd7-e9be-5906-87fb-6478e103eca2; _tccl_visit=9a990bd7-e9be-5906-87fb-6478e103eca2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: image/jpeg
content-length: 114376
accept-ranges: bytes
age: 25141
content-security-policy: upgrade-insecure-requests
etag: "1bec8-5adc911d8b5c0"
last-modified: Wed, 26 Aug 2020 14:59:43 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 00:41:09 GMT
expires: Sun, 25 Sep 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 3892
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/plugins/ua/linkid.js

142.250.74.174

200 OK

859 B

URL HTTP/2
www.google-analytics.com/plugins/ua/linkid.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1335)
Size
859 B (859 bytes)
Hash
904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237

HTTP Headers

GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 01:16:04 GMT
expires: Sun, 25 Sep 2022 02:16:04 GMT
cache-control: public, max-age=3600
age: 1797
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-32x32.jpg

198.71.190.156

200 OK

5.0 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-32x32.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3\012- data
Size
5.0 kB (5027 bytes)
Hash
48e7ba0d1fd0eee00daec8d4bed80640
763284c048ff5a088cb322f0a6618cae08642c66
c982046cfafa60ec826d7e88c3f20049d067cffa11c60a504500c3a68cb0a93d

HTTP Headers

GET /wp-content/uploads/2020/11/cropped-social-media-profile-image-32x32.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=9a990bd7-e9be-5906-87fb-6478e103eca2; _tccl_visit=9a990bd7-e9be-5906-87fb-6478e103eca2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: image/jpeg
content-length: 5027
accept-ranges: bytes
age: 9114
content-security-policy: upgrade-insecure-requests
etag: "13a3-5b51bfa61a140"
last-modified: Fri, 27 Nov 2020 19:50:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-192x192.jpg

198.71.190.156

200 OK

14 kB

URL HTTP/2
stpaulfirefoundation.org/wp-content/uploads/2020/11/cropped-social-media-profile-image-192x192.jpg
IP
198.71.190.156:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 192x192, components 3\012- data
Size
14 kB (13785 bytes)
Hash
55c4d2c85593166f2a99474b20cc85a8
57d615c1639291eac043acd4ccd1ac71f803ec10
d3649b00c0f92a1deb363b53a95e0c92f73da64925b92c5407c736a8fa667974

HTTP Headers

GET /wp-content/uploads/2020/11/cropped-social-media-profile-image-192x192.jpg HTTP/1.1
Host: stpaulfirefoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Cookie: _tccl_visitor=9a990bd7-e9be-5906-87fb-6478e103eca2; _tccl_visit=9a990bd7-e9be-5906-87fb-6478e103eca2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Sep 2022 01:46:01 GMT
content-type: image/jpeg
content-length: 13785
accept-ranges: bytes
age: 9110
content-security-policy: upgrade-insecure-requests
etag: "35d9-5b51bfa61a140"
last-modified: Fri, 27 Nov 2020 19:50:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

events.api.secureserver.net/t/1/tl/event?cts=1664070359772&dh=stpaulfirefoundation.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=1543004302&cv=2.0.0&z=887360092&vg=9a990bd7-e9be-5906-87fb-6478e103eca2&vtg=9a990bd7-e9be-5906-87fb-6478e103eca2&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d0f1da91-01c6-3442-7ee1-ef6ef1d6ce4c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data03%22%2C%22xid%22%3A%2244695242%22%2C%22wp%22%3A%226.0.2%22%2C%22php%22%3A%227.4.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22225%22%2C%22wp_alloptions_bytes%22%3A%22246581%22%7D&hit_id=64e18212-8f04-5995-9fee-9f39fb5711d7&ht=pageview

104.84.152.186

200 OK

43 B

URL HTTP/2
events.api.secureserver.net/t/1/tl/event?cts=1664070359772&dh=stpaulfirefoundation.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=1543004302&cv=2.0.0&z=887360092&vg=9a990bd7-e9be-5906-87fb-6478e103eca2&vtg=9a990bd7-e9be-5906-87fb-6478e103eca2&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d0f1da91-01c6-3442-7ee1-ef6ef1d6ce4c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data03%22%2C%22xid%22%3A%2244695242%22%2C%22wp%22%3A%226.0.2%22%2C%22php%22%3A%227.4.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22225%22%2C%22wp_alloptions_bytes%22%3A%22246581%22%7D&hit_id=64e18212-8f04-5995-9fee-9f39fb5711d7&ht=pageview
IP
104.84.152.186:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /t/1/tl/event?cts=1664070359772&dh=stpaulfirefoundation.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=1543004302&cv=2.0.0&z=887360092&vg=9a990bd7-e9be-5906-87fb-6478e103eca2&vtg=9a990bd7-e9be-5906-87fb-6478e103eca2&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d0f1da91-01c6-3442-7ee1-ef6ef1d6ce4c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data03%22%2C%22xid%22%3A%2244695242%22%2C%22wp%22%3A%226.0.2%22%2C%22php%22%3A%227.4.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22225%22%2C%22wp_alloptions_bytes%22%3A%22246581%22%7D&hit_id=64e18212-8f04-5995-9fee-9f39fb5711d7&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://stpaulfirefoundation.org
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sun, 25 Sep 2022 01:46:01 GMT
X-Firefox-Spdy: h2

events.api.secureserver.net/t/1/tl/event?cts=1664070360385&dh=stpaulfirefoundation.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=1543004302&cv=2.0.0&z=1193827601&vg=9a990bd7-e9be-5906-87fb-6478e103eca2&vtg=9a990bd7-e9be-5906-87fb-6478e103eca2&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d0f1da91-01c6-3442-7ee1-ef6ef1d6ce4c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data03%22%2C%22xid%22%3A%2244695242%22%2C%22wp%22%3A%226.0.2%22%2C%22php%22%3A%227.4.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22225%22%2C%22wp_alloptions_bytes%22%3A%22246581%22%7D&hit_id=38e127f9-b6f7-5227-bb13-b812543d118d&ht=perf&tce=1664070358628&tcs=1664070358628&tdc=1664070360378&tdclee=1664070359804&tdcles=1664070359794&tdi=1664070359773&tdl=1664070358931&tdle=1664070358628&tdls=1664070358628&tfs=1664070358628&tns=1664070357690&trqs=1664070358630&tre=1664070358924&trps=1664070358923&tles=1664070360378&tlee=0&nt=navigate&nav_type=hard

104.84.152.186

200 OK

43 B

URL HTTP/2
events.api.secureserver.net/t/1/tl/event?cts=1664070360385&dh=stpaulfirefoundation.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=1543004302&cv=2.0.0&z=1193827601&vg=9a990bd7-e9be-5906-87fb-6478e103eca2&vtg=9a990bd7-e9be-5906-87fb-6478e103eca2&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d0f1da91-01c6-3442-7ee1-ef6ef1d6ce4c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data03%22%2C%22xid%22%3A%2244695242%22%2C%22wp%22%3A%226.0.2%22%2C%22php%22%3A%227.4.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22225%22%2C%22wp_alloptions_bytes%22%3A%22246581%22%7D&hit_id=38e127f9-b6f7-5227-bb13-b812543d118d&ht=perf&tce=1664070358628&tcs=1664070358628&tdc=1664070360378&tdclee=1664070359804&tdcles=1664070359794&tdi=1664070359773&tdl=1664070358931&tdle=1664070358628&tdls=1664070358628&tfs=1664070358628&tns=1664070357690&trqs=1664070358630&tre=1664070358924&trps=1664070358923&tles=1664070360378&tlee=0&nt=navigate&nav_type=hard
IP
104.84.152.186:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /t/1/tl/event?cts=1664070360385&dh=stpaulfirefoundation.org&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=1543004302&cv=2.0.0&z=1193827601&vg=9a990bd7-e9be-5906-87fb-6478e103eca2&vtg=9a990bd7-e9be-5906-87fb-6478e103eca2&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d0f1da91-01c6-3442-7ee1-ef6ef1d6ce4c.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD10%22%2C%22storage%22%3A%22p3cephmah004pod10_data03%22%2C%22xid%22%3A%2244695242%22%2C%22wp%22%3A%226.0.2%22%2C%22php%22%3A%227.4.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22225%22%2C%22wp_alloptions_bytes%22%3A%22246581%22%7D&hit_id=38e127f9-b6f7-5227-bb13-b812543d118d&ht=perf&tce=1664070358628&tcs=1664070358628&tdc=1664070360378&tdclee=1664070359804&tdcles=1664070359794&tdi=1664070359773&tdl=1664070358931&tdle=1664070358628&tdls=1664070358628&tfs=1664070358628&tns=1664070357690&trqs=1664070358630&tre=1664070358924&trps=1664070358923&tles=1664070360378&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://stpaulfirefoundation.org
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://stpaulfirefoundation.org
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sun, 25 Sep 2022 01:46:01 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7977 bytes)
Hash
4b247d936b6e75a5075e09d9d2f7c3b1
7d3650b77b7f501d2f94592b8a4c0e02a75feb70
165d5ef729be431744228c7f1791141536db476811a3e9c7ab5958c6e38a781a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7977
x-amzn-requestid: 6d6cbdf9-91f4-4fb5-8afe-cb8dea476e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EoFjtIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7883-5681f08725a5ce7e36c27d75;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:07 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0H0AT4oKoQUzJWzgfJuK9M_bisrd4bhX6jVfbj3VZ5IPp8u2opEuOA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:25 GMT
etag: "7d3650b77b7f501d2f94592b8a4c0e02a75feb70"
content-type: image/jpeg
age: 14803
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Titillium+Web%3Aregular%2C900%7COpen+Sans%3Aregular%2Cregular%7CRoboto%3Aregular%2C900%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Titillium+Web%3Aregular%2C900%7COpen+Sans%3Aregular%2Cregular%7CRoboto%3Aregular%2C900%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Titillium+Web%3Aregular%2C900%7COpen+Sans%3Aregular%2Cregular%7CRoboto%3Aregular%2C900%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stpaulfirefoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 01:46:00 GMT
date: Sun, 25 Sep 2022 01:46:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations