r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18285
Expires: Sat, 21 Jan 2023 12:27:10 GMT
Date: Sat, 21 Jan 2023 07:22:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3096
Expires: Sat, 21 Jan 2023 08:14:01 GMT
Date: Sat, 21 Jan 2023 07:22:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 06:49:36 GMT
content-type: application/json
age: 1969
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10135
Expires: Sat, 21 Jan 2023 10:11:20 GMT
Date: Sat, 21 Jan 2023 07:22:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qwVoPgLGbTZdqiVbG6zXVKFpB0HN0wwuF1kxycdHLcYoo63HJSIx9msNf9O4s/3Vzm13mGueEu0=
x-amz-request-id: VR4277344CRZJGHF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 06:46:42 GMT
age: 2143
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 07:22:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4224be05ad14415d82cde97bfbf6d8b0
1177475d0a271da17d3ef4270ff3c40b9f9eaa8c
5c392af73a807406cb740ddc9d96db1e66127c9b5647097859148b302e84a551
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=101670
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:22:25 GMT
Etag: "63ca7cd7-117"
Expires: Sun, 22 Jan 2023 11:36:55 GMT
Last-Modified: Fri, 20 Jan 2023 11:36:55 GMT
Server: nginx
Content-Length: 279
urlzs.com/pprwR
104.21.70.232302 Found 0 B IP 104.21.70.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Orange
phishtank Other
GET /pprwR HTTP/1.1
Host: urlzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 21 Jan 2023 07:22:25 GMT
content-type: application/binary
content-length: 0
location: https://link.uinsgd.ac.id/d277q
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'nonce-RpHrIyvT1B4vjB8mmuxDOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist,require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
accept-ranges: bytes
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674285746.626021,VS0,VE202
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyjvfvDSZTh5uONCq1m4BkOItXaToSSh5NnoI7O0H8MHEkZqmAWCmhrZE99lR9WGv1e0nzLP9sgKGTr5k6HQzk0QeyJfR3NmWNNAggv8aauXR0ImWrW3%2F8YMN5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce4c75fd2afab8-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4224be05ad14415d82cde97bfbf6d8b0
1177475d0a271da17d3ef4270ff3c40b9f9eaa8c
5c392af73a807406cb740ddc9d96db1e66127c9b5647097859148b302e84a551
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=101670
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:22:25 GMT
Etag: "63ca7cd7-117"
Expires: Sun, 22 Jan 2023 11:36:55 GMT
Last-Modified: Fri, 20 Jan 2023 11:36:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 06:48:58 GMT
age: 2007
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2261
Cache-Control: max-age=94930
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 07:22:26 GMT
Etag: "63ca59af-1d7"
Expires: Sun, 22 Jan 2023 09:44:36 GMT
Last-Modified: Fri, 20 Jan 2023 09:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3425d70b0e426ea81aa675267bd73731
f6adac521a0fc94aa4b83e9990f29890a060a31f
23f7e82ba75d33b2e2f82bde83371fb973dd5cb9bce0d5a5d5c52869c6b4ff10
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 00:56:14 GMT
Expires: Thu, 26 Jan 2023 00:56:13 GMT
Etag: "f6adac521a0fc94aa4b83e9990f29890a060a31f"
Cache-Control: max-age=459276,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1166
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ce4c7a2a25b506-OSL
push.services.mozilla.com/
54.190.123.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.190.123.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jSKNS1bzects9xK6ia6C1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /XBfusjPWdRaOTn7UICX7TXPPpo=
link.uinsgd.ac.id/d277q
103.55.33.21301 Moved Permanently 394 B IP 103.55.33.21:0
ASN #63879 UIN Sunan Gunung Djati Bandung
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash eb7878062d5cd52f7f1efd5157fc1e14
a5fe5f82664dfacd460240286ed30aa6001e5d06
7604e304de377c580762e1c0f1090b7dfc0c4a2e96db33d14dec0d1a02d30c93
Analyzer Verdict Alert fortinet Phishing
GET /d277q HTTP/1.1
Host: link.uinsgd.ac.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 21 Jan 2023 07:22:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: must-revalidate, no-cache, no-store, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InFYUUErRGl3WDRDZTRQVENWR3N6Umc9PSIsInZhbHVlIjoiYWtZQ0FqOTFcL1wvbjR5bklKRlVmRm9KT05yeFIxQ25kZUhcL0tmclQ1dXlpd3pRbzEyN2dNZVNnRGU2VWd4em9INjc1b013UFwvcnBVVVZ2Zm54UGRxVFc1M3cyOXZCK055d2JMcFdGaUZnT1ljRzRCd1Zia1VSK25lUm1JT0NzWXU5IiwibWFjIjoiNzU5MjE2ODYxOGNkMDA4NWM2OGRjYWFkZmM5YTdkYzI3NDI3YWRhODhjZWRjYjczYjk1ZDk4NjhhMDJkZWMwOCJ9; expires=Sat, 21-Jan-2023 09:22:26 GMT; Max-Age=7200; path=/
phpshort_session=eyJpdiI6IjlUR3pIMUYwWkVzcFZcL2VkZXlRd1VRPT0iLCJ2YWx1ZSI6IjAydGNIcExVVkQ5bTF0OExZajhYNjVQTFJQa0NFRGw5TnVkUU1EemR1NGhQSjRBT3oyOTQyOXBoY0gyK1NyRW5BbFRGTjZJejJ4Vk1FOXdZQW4wMzhRZHFOOWJCMVRpaUkyMlcyVGEzZkJTYkFXQzEwbXJzS0R0YW4wV3lPUGJ3IiwibWFjIjoiZTJkZjU4MGUzZWI4MDk0ZTQ2N2ZkMWU2ODQ5YzMwODc2OGYwZDgxMGYzNDQyMDk2NzRiZWU3MWQ1ODI3YmRjNSJ9; expires=Sat, 21-Jan-2023 09:22:26 GMT; Max-Age=7200; path=/; httponly
Location: http://site9610060.92.webydo.com/?v=1
site9610060.92.webydo.com/?v=1
130.211.204.68200 OK 3.5 kB URL HTTP/1.1 site9610060.92.webydo.com/?v=1
IP 130.211.204.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (716), with CRLF line terminators
Hash 653912ba93c58cbaa805e9f8bcd5a0b9
a1b02e0f51f70b84ee62e5eb7341cfd78ff931d6
db3fcdb50a333fc677489fd897a162beac01ed7caa63b7217b98c59d118c5d69
GET /?v=1 HTTP/1.1
Host: site9610060.92.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.11.2.2
Date: Sat, 21 Jan 2023 07:22:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-GUploader-UploadID: ADPycdslgn_iULrcLfh8UILJIChIB4MBGWbwh7v6b61iFHmkcY7MBQxVEcyv5A1krzrjydWog5qnb91ndlcpRMmUFqUnkQ
x-goog-generation: 1672753805508612
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14043
x-goog-meta-replace: true
x-goog-meta-policy: public-read
x-goog-hash: crc32c=eX5riA==, md5=wTzAJ7TlynGTLtUqBSV9gw==
x-goog-storage-class: STANDARD
Expires: Sun, 21 Jan 2024 07:22:26 GMT
Cache-Control: no-cache
Last-Modified: Tue, 03 Jan 2023 13:50:05 GMT
ETag: W/"c13cc027b4e5ca71932ed52a05257d83"
Age: 0
Content-Encoding: gzip
global.webydo.com/v8/main.min.css?v=_STAGING-Publisher_20180327.1
172.66.43.85200 OK 2.2 kB URL HTTP/1.1 global.webydo.com/v8/main.min.css?v=_STAGING-Publisher_20180327.1
IP 172.66.43.85:0
File type ASCII text, with very long lines (8955), with no line terminators
Hash 59bcd510d5a1bddeaaef5407e1231290
2a4a9133835044ded33508ad94777311183f6a78
818f415d7d4ad9222619f495f0eb48479b2f6c491518f881d3cebfbc56bbea41
GET /v8/main.min.css?v=_STAGING-Publisher_20180327.1 HTTP/1.1
Host: global.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 15 Jun 2017 08:11:17 GMT
etag: W/"bc35d0f6aee5d21:0"
x-powered-by: ASP.NET
via: 1.1 google
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 1166
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4TkSdRZABZ1z9BgpIV9g2d4oFej4MP5UOYnFTh1mMIUn%2Bqme%2BLmF%2BVB%2FFYdGO0XJTeov%2B3O4hVJsvRGcvWe7%2B6iGXa6P3ANRLYOtx8%2FRMV1qC8xky9dVNkuZ6Du6QJQA6US"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ce4c7ee81db503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
global.webydo.com/v8/skrollr.min.js?v=_STAGING-Publisher_20180327.1
172.66.43.85200 OK 6.3 kB URL HTTP/1.1 global.webydo.com/v8/skrollr.min.js?v=_STAGING-Publisher_20180327.1
IP 172.66.43.85:0
File type ASCII text, with very long lines (14876)
Hash d91adc439d3e5410df5bbc4172733047
b9c6ddb8d19c65b310b52bb0736408b0f7486f61
822ca59ae54869740bbce05ed359a270a920e78990e50c14a20f4bd52dbb34f0
GET /v8/skrollr.min.js?v=_STAGING-Publisher_20180327.1 HTTP/1.1
Host: global.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 31 Aug 2017 12:02:58 GMT
etag: W/"0640165122d31:0"
x-powered-by: ASP.NET
via: 1.1 google
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 1166
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qzmihi5M7bLjzRveVYKWGaKRYSPRZk1NRLLdw4xT%2FI09UUUWGtKhTqx%2Fq761qSbYAvTsGIpSGr72V3NfntF6bxsXDv9bolFJKihFA%2BneUl%2FCxjqUFTk9If2G8WsfVwUw0lxz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ce4c7ef9f21c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc31516c15fd70a7d9ff5972ace7998f
cd51d28f98f75b832d5ee8c1f57f6bef4206b877
1855fdb5f795ad61c6f6e6415e6370428b718e19ab067c1f6bd7fd39471526fe
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1855FDB5F795AD61C6F6E6415E6370428B718E19AB067C1F6BD7FD39471526FE"
Last-Modified: Fri, 20 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8838
Expires: Sat, 21 Jan 2023 09:49:45 GMT
Date: Sat, 21 Jan 2023 07:22:27 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc31516c15fd70a7d9ff5972ace7998f
cd51d28f98f75b832d5ee8c1f57f6bef4206b877
1855fdb5f795ad61c6f6e6415e6370428b718e19ab067c1f6bd7fd39471526fe
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1855FDB5F795AD61C6F6E6415E6370428B718E19AB067C1F6BD7FD39471526FE"
Last-Modified: Fri, 20 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8838
Expires: Sat, 21 Jan 2023 09:49:45 GMT
Date: Sat, 21 Jan 2023 07:22:27 GMT
Connection: keep-alive
global.webydo.com/v8/base.min.css?v=384350133
172.66.43.85200 OK 101 B URL HTTP/1.1 global.webydo.com/v8/base.min.css?v=384350133
IP 172.66.43.85:0
File type ASCII text, with no line terminators
Hash 288fadcb103cf7dafbca767ba0a5179f
a0f20373997bc7c544f89ff02822b8218a4cb0a2
2e91e6e0138b32495ca97517f61ffcc790ed1da3e187de0bc1edf33e4a954f9d
GET /v8/base.min.css?v=384350133 HTTP/1.1
Host: global.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 15 Jun 2017 08:11:17 GMT
etag: W/"289b94f6aee5d21:0"
x-powered-by: ASP.NET
via: 1.1 google
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFTaEnXuda4B1FBJMNNMCYyQ97LJryEmvX2K3edLNSNNQlcdOa7hA9dPHTh2S5oC8NGk8ZC1cl8a5NgoL%2FHS5hod15E7Cm2ZlU%2Frf%2BGBrfoGojiHNjcHMPmb4f9RuhsWfDXG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ce4c7ecec20b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
code.jquery.com/jquery-1.7.2.min.js
69.16.175.10200 OK 34 kB URL HTTP/1.1 code.jquery.com/jquery-1.7.2.min.js
IP 69.16.175.10:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 51548630c726a2867d0d5d33392b2361
f26f5bcf512417ae1bb60e7a91723cd3a040af64
9fd7eecf1fc589ab21bb367fd1d7d7dcf998c2c4768d1c639677bdb29e951642
GET /jquery-1.7.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:27 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 33626
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-17278"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1674285747.dop069.sk1.t,1674285747.cds238.sk1.c
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc31516c15fd70a7d9ff5972ace7998f
cd51d28f98f75b832d5ee8c1f57f6bef4206b877
1855fdb5f795ad61c6f6e6415e6370428b718e19ab067c1f6bd7fd39471526fe
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1855FDB5F795AD61C6F6E6415E6370428B718E19AB067C1F6BD7FD39471526FE"
Last-Modified: Fri, 20 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8838
Expires: Sat, 21 Jan 2023 09:49:45 GMT
Date: Sat, 21 Jan 2023 07:22:27 GMT
Connection: keep-alive
global.webydo.com/v8/script.min.js?v=_STAGING-Publisher_20180327.1
172.66.43.85200 OK 16 kB URL HTTP/1.1 global.webydo.com/v8/script.min.js?v=_STAGING-Publisher_20180327.1
IP 172.66.43.85:0
File type Unicode text, UTF-8 text, with very long lines (55664)
Hash 8474490be01ced86be5b53d6e747089b
5be0d79f3f07dff883152d94fbe393531faae487
6df81562585ea6dbe86f0fc586c35a6880246b08eda8801c123ade634a33e057
GET /v8/script.min.js?v=_STAGING-Publisher_20180327.1 HTTP/1.1
Host: global.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 78ce4c7efb93b4f9-OSL
Age: 3792006
Cache-Control: public, max-age=100000000
Content-Language: en
ETag: W/"9f738213ed9c045b45fbd926df13dae0"
Expires: Fri, 08 Dec 2023 09:29:08 GMT
Last-Modified: Thu, 11 Oct 2018 07:56:41 GMT
CF-Cache-Status: HIT
alt-svc: h2=":443"; ma=60
x-goog-generation: 1539244601775874
x-goog-hash: crc32c=MeRVzw==, md5=n3OCE+2cBFtF+9km3xPa4A==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 56143
x-guploader-uploadid: ADPycdsfdadL5cfUaWDhyVl3t5GYN0jrsNGMtEPUePvuFAeuT3aZaa3eV9KXFEvcpZhgX8VKmlBQTGdMtU2MGRtFdbx1AQ
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0IIRhPwo5hd%2BTDqUl19EvsUGEAvJUo6ZUR6ELSITJq0N8XjmENgtteXH8dUJ34CEpyIPyAOrXtt10PA%2B28W3sXfLGHSPqcNxC1TGknlJgw6BW2%2BBiDL%2FeX7zbhGBAvmbeIU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
site9610060.92.webydo.com/IP_Master_PT_RTL.master.css?v=384350133
130.211.204.68200 OK 2.6 kB URL HTTP/1.1 site9610060.92.webydo.com/IP_Master_PT_RTL.master.css?v=384350133
IP 130.211.204.68:0
File type ASCII text, with very long lines (17653), with no line terminators
Hash 4a53a34f63eae1ee80c66753ef32b819
dc91d9d25b95cf2964580e497ffe992746a18f19
aee6130fa448624193b9cbe0d2073ca139633ffde5f230544e203f8c8d2f8074
GET /IP_Master_PT_RTL.master.css?v=384350133 HTTP/1.1
Host: site9610060.92.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/?v=1
HTTP/1.1 200 OK
Server: openresty/1.11.2.2
Date: Sat, 21 Jan 2023 07:22:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-GUploader-UploadID: ADPycdvGhD7gqD3vBVGf97c94BoQv7grnrqkUiaXMapQ-h3-BSHKfnmSNrKu45StFowekVMNOfI1PsSATxYGDUVJdBeKPA
x-goog-generation: 1672753805538196
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17653
x-goog-meta-replace: true
x-goog-meta-policy: public-read
x-goog-hash: crc32c=Fw3GEA==, md5=WD69u4OkJnmSvZHMPaBjUw==
x-goog-storage-class: STANDARD
Expires: Sun, 21 Jan 2024 07:22:27 GMT
Cache-Control: no-cache
Last-Modified: Tue, 03 Jan 2023 13:50:05 GMT
ETag: W/"583ebdbb83a4267992bd91cc3da06353"
Age: 0
Content-Encoding: gzip
site9610060.92.webydo.com/home.css?v=384350133
130.211.204.68200 OK 4.0 kB URL HTTP/1.1 site9610060.92.webydo.com/home.css?v=384350133
IP 130.211.204.68:0
File type ASCII text, with very long lines (24534), with no line terminators
Hash 91654c24e948634d94361f00e4aa67a2
ecbf339d3407fcf57c408b25095b7efae079e2ca
a5a061e9aec712be53e41d08043f597cd8feac9d707738a73dbc7328e06462ef
Analyzer Verdict Alert openphish Orange
fortinet Malware
GET /home.css?v=384350133 HTTP/1.1
Host: site9610060.92.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/?v=1
HTTP/1.1 200 OK
Server: openresty/1.11.2.2
Date: Sat, 21 Jan 2023 07:22:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-GUploader-UploadID: ADPycdunvitM6bU1JSkZkb8x2J2RtOIjhR_IyFosBf6Cn9DJb9s3g2bQCc_eQu9ropUTCsMYoXrMyVWWEGXWJgo2wx35jA
x-goog-generation: 1672753805541969
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 24534
x-goog-meta-replace: true
x-goog-meta-policy: public-read
x-goog-hash: crc32c=y42SJg==, md5=pncM90hqWG0BY/uO7jYJOw==
x-goog-storage-class: STANDARD
Expires: Sun, 21 Jan 2024 07:22:27 GMT
Cache-Control: no-cache
Last-Modified: Tue, 03 Jan 2023 13:50:05 GMT
ETag: W/"a6770cf7486a586d0163fb8eee36093b"
Age: 0
Content-Encoding: gzip
site9610060.92.webydo.com/home.js?v=384350133
130.211.204.68200 OK 1.2 kB URL HTTP/1.1 site9610060.92.webydo.com/home.js?v=384350133
IP 130.211.204.68:0
File type Unicode text, UTF-8 text, with very long lines (3543), with CRLF line terminators
Hash a9e37b775dee96f5e4c49d32bd4f58ce
e62b69791044628f75824268e3736eb1272b33c8
b68018551841b77bcd35af823f1a8b049f0b57ca7b36b375dd5bb78588ef9ada
Analyzer Verdict Alert openphish Orange
fortinet Malware
GET /home.js?v=384350133 HTTP/1.1
Host: site9610060.92.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/?v=1
HTTP/1.1 200 OK
Server: openresty/1.11.2.2
Date: Sat, 21 Jan 2023 07:22:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-GUploader-UploadID: ADPycdv1npc10ZN34L8ZSevb2RWQh1NYONPKNUny3uQAVkP1n3Ajp8mcEcAvsxTVe0RuxnRIA1S-ScCyTKZ5wrIXdF_vTQ
x-goog-generation: 1672753805544006
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3550
x-goog-meta-replace: true
x-goog-meta-policy: public-read
x-goog-hash: crc32c=0kPM8A==, md5=Phmsyr7DBbCxGqPmt6SJXA==
x-goog-storage-class: STANDARD
Expires: Sun, 21 Jan 2024 07:22:27 GMT
Cache-Control: no-cache
Last-Modified: Tue, 03 Jan 2023 13:50:05 GMT
ETag: W/"3e19accabec305b0b11aa3e6b7a4895c"
Age: 0
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sat, 21 Jan 2023 08:15:58 GMT
Date: Sat, 21 Jan 2023 07:22:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sat, 21 Jan 2023 08:15:58 GMT
Date: Sat, 21 Jan 2023 07:22:27 GMT
Connection: keep-alive
fonts-api.webydo.com/earlyaccess/alefhebrew.css
172.66.40.171200 OK 789 B URL HTTP/2 fonts-api.webydo.com/earlyaccess/alefhebrew.css
IP 172.66.40.171:0
Hash 58e118e8d4f6625b32c664432f188ab0
b77c559fcb4baa4e5ad1bc9ee84bd2f5dbfa8635
b126388a9a5eb59bc850ce3077c44753e6e8380ac4697918cd89595750a83fb6
GET /earlyaccess/alefhebrew.css HTTP/1.1
Host: fonts-api.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:22:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 21 Jan 2023 05:53:33 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1165
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOnpV6x3wt4B3mG6904r%2Fu%2BDHYhjVC6nWboRNEQS3iNykMW6jdRFtahOjS3wspnm3CoWQcYWdJsF1t1PNx6luGhXPPOZxiwS8ItFv%2BDjAmmFDwT98YfTnDSqQYT76i92MqgG%2Ft8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce4c7f68afb515-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sat, 21 Jan 2023 08:15:58 GMT
Date: Sat, 21 Jan 2023 07:22:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: c3864d3b-caaa-4c44-a4bd-9339d0eede69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-E1UGw4IAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4ee-703e32aa596019d42680e599;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZxoIRkRgzS5Hp0D9gzxOiTg3GatK8zSCIokF3NWUghEUmePltkYVRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:02 GMT
age: 13465
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts-api.webydo.com/css?family=Andika%7cBangers%7cBevan%7cBitter%7cCutive%7cJudson%7cMarmelad%7cOswald%7cSatisfy%7cShadows%20Into%20Light%7cUbuntu%7cUnkempt%7cViga&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic
172.66.40.171200 OK 10 kB URL HTTP/2 fonts-api.webydo.com/css?family=Andika%7cBangers%7cBevan%7cBitter%7cCutive%7cJudson%7cMarmelad%7cOswald%7cSatisfy%7cShadows%20Into%20Light%7cUbuntu%7cUnkempt%7cViga&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic
IP 172.66.40.171:0
Hash ce3ce373cdfe1cec0e22b6f0181ba226
cd29d01eb1a511a07419be59ac24a81690865ef5
61ead75983df2cd7bde3e58f2d042ba43a2d2dfea84da236235f9bb5af34366d
GET /css?family=Andika%7cBangers%7cBevan%7cBitter%7cCutive%7cJudson%7cMarmelad%7cOswald%7cSatisfy%7cShadows%20Into%20Light%7cUbuntu%7cUnkempt%7cViga&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic HTTP/1.1
Host: fonts-api.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:22:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
set-cookie: REDIRECTOR=dr1; path=/
cache-control: private
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZOhQiWhg5UHrGNSmZ1zbrJTwmKF3xEEEkJNUHAbX3J7jUOzmMw%2FUQ214oFS7di4dVH75sJFPAhWnBMFga%2BFT00LPbf%2FPPEmfCG8N12dCgaQ8fr%2FNTIv1MibuYR3%2BZBHCqLAfjgZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce4c7f1882b515-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 14259
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1b8f3e0407b4d6e24afea546ca274e1
d8a70b23dba532ff8a44ebe4e12890efb5e0c584
24cb3abc9ffe27836d8e0bf2a1eff295d504e09b02237dc4dda938e012c49425
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6377
x-amzn-requestid: 065663fc-8bc2-4b83-a7e3-ad4e24f895f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EzgHCHIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4e3-6bbc3fe80ba4a7de13b99982;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -mkifCnUT7O_yZUfHIFdGexUiYGMk8s_Whsfey8PcmGBUWygX-cnjQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:27 GMT
age: 13440
etag: "d8a70b23dba532ff8a44ebe4e12890efb5e0c584"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GVOdNzEzcPvkVkDOfnHOI1RPDfuJ_gUmoqYFkge2Qdp87B0wdOA6Bw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 34944
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62d64384cabb3ee773d9baa88c9fa9f5
3457882213a7c2d2ec863d75cf629ae4fe320092
7adc5cd3cc8a30b5c45c2995b27daf66fcf95280a4f5feaa46e559da464c75be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9669
x-amzn-requestid: d57517dd-07b7-4477-996d-5cb159f1e608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euIvoHVNIAMFVWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c254ca-2737608463cd6cd160497e42;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_aXsjLBlAVhp2gaN0IYMYUAFz52XLPOt1B1lDYvm1JFPPrZn7YcjQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 20:30:03 GMT
age: 39144
etag: "3457882213a7c2d2ec863d75cf629ae4fe320092"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
images8.webydo.com/96/9610060/3958%2f48385EDB-3576-0B4F-43F0-17841015B0B1.png
172.66.43.85200 OK 58 kB URL HTTP/1.1 images8.webydo.com/96/9610060/3958%2f48385EDB-3576-0B4F-43F0-17841015B0B1.png
IP 172.66.43.85:0
File type PNG image data, 2784 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 521e512c82f46f049d1bdbc32d9f267b
dc009d1eecc100f5fab4fe49fd780bc6cd68a8a6
cd771bd559df9ba8263332fd12251fea22682e7d7c85d8cad5df7370190032ec
GET /96/9610060/3958%2f48385EDB-3576-0B4F-43F0-17841015B0B1.png HTTP/1.1
Host: images8.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:28 GMT
Content-Type: image/png
Content-Length: 58022
Connection: keep-alive
CF-Ray: 78ce4c807bd9b521-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
ETag: "521e512c82f46f049d1bdbc32d9f267b"
Expires: Sat, 21 Jan 2023 07:22:27 GMT
Last-Modified: Sat, 31 Dec 2022 15:26:15 GMT
CF-Cache-Status: BYPASS
access-control-expose-headers: Content-Type
alt-svc: h2=":443"; ma=60
x-goog-generation: 1672500375924957
x-goog-hash: crc32c=gdBwNg==, md5=Uh5RLIL0bwSdG9vDLZ8mew==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 58022
x-guploader-uploadid: ADPycdu9b_XMAlJWBiCqV1cR0WHFqbCbDH5wI7KzgQMwKBh8V3-FmuhMb6yxNxQlBUiZEUEH6-j5W6gIufv9N8k0xAwgJg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGxhjlCc7ynp4vtW8M9LjTXdWIrbCpCs4JZmrYBai9MH7fzutCwY3nEr49mXnUmeKkCLwrZVICpLdFyVBiqiUrAxO1f6hR%2Fgux6Rb2ep5u%2BcwZLCpU%2FrHw360j9j3dRjx0uBhw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
images8.webydo.com/96/9610060/3958/12B0235E-0DB6-DB74-5678-0EEF8E96B72B.png
172.66.43.85200 OK 1.6 kB URL HTTP/1.1 images8.webydo.com/96/9610060/3958/12B0235E-0DB6-DB74-5678-0EEF8E96B72B.png
IP 172.66.43.85:0
File type PNG image data, 233 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash 4de2de9d1691f4ddb684e8b8df6b1029
f4d4aad0a3cef80b11ac0eddcf25dd3bbcb8e5d4
1ea360e8a0569c5b045eee461e2170c397457c0266e3cb56d096aaf0f0b9eca5
GET /96/9610060/3958/12B0235E-0DB6-DB74-5678-0EEF8E96B72B.png HTTP/1.1
Host: images8.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:28 GMT
Content-Type: image/png
Content-Length: 1597
Connection: keep-alive
CF-Ray: 78ce4c8348930b51-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
ETag: "4de2de9d1691f4ddb684e8b8df6b1029"
Expires: Sat, 21 Jan 2023 07:22:28 GMT
Last-Modified: Sat, 31 Dec 2022 17:03:13 GMT
CF-Cache-Status: BYPASS
access-control-expose-headers: Content-Type
alt-svc: h2=":443"; ma=60
x-goog-generation: 1672506193633713
x-goog-hash: crc32c=Y2df1Q==, md5=TeLenRaR9N22hOi432sQKQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1597
x-guploader-uploadid: ADPycdv13jHZeYdX6cs5iHf7G4QyZjNe839K8ODoE75GCdN5ZJgl_SX16Vbah_y63EHEyhCOiuhK74x2PKthYQdJRY--p_w3ILiJ
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP%2FgYfswRUqtesFauJjHbrsCpPifpba2cSd03YJXHttEhIp6DbTnzzuXRQLWzpir4MiFOMJ0HQJ2aD8O%2Fsjz0CxBDjYySfYK%2F7p0G%2BlFCtrypdp2aT%2BiM1%2F81s%2FuUzrPCbEDGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
fonts-static.webydo.com/s/lato/v23/S6u9w4BMUTPHh7USSwaPHA.ttf
172.66.43.85200 OK 36 kB URL HTTP/2 fonts-static.webydo.com/s/lato/v23/S6u9w4BMUTPHh7USSwaPHA.ttf
IP 172.66.43.85:0
File type TrueType Font data, 18 tables, 1st "GPOS", 8 names, Microsoft, language 0x409\012- data
Hash 84ffd4ee811b14ea00f87568001513bc
b8de1934a467c919d4557a48866271ad735479e9
64882c8b7bdadaafa7bacdedc2fc7eb4a13a53d839c4691f2a94105a69afb6eb
GET /s/lato/v23/S6u9w4BMUTPHh7USSwaPHA.ttf HTTP/1.1
Host: fonts-static.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://site9610060.92.webydo.com
Connection: keep-alive
Referer: https://fonts-api.webydo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:22:28 GMT
content-type: font/ttf
content-length: 36032
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0
expires: Fri, 29 Dec 2023 20:32:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:42:51 GMT
via: 1.1 google
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 78ce4c80eb1f1c06-OSL
X-Firefox-Spdy: h2
images8.webydo.com/96/9610060/3958%2f5F88DD9C-53F4-A454-C454-0ECFCB4A0733.png_1024
172.66.43.85200 OK 51 kB URL HTTP/1.1 images8.webydo.com/96/9610060/3958%2f5F88DD9C-53F4-A454-C454-0ECFCB4A0733.png_1024
IP 172.66.43.85:0
File type PNG image data, 1462 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash ddadf967aba526ea1be92dc839045f9c
de54374504b6a66629742c611ad7944cf2e257c6
ef65befc70094f699c2e8e4ef3042bb68be0afb4db726925995f335e5b617c21
GET /96/9610060/3958%2f5F88DD9C-53F4-A454-C454-0ECFCB4A0733.png_1024 HTTP/1.1
Host: images8.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:28 GMT
Content-Type: image/png
Content-Length: 50730
Connection: keep-alive
CF-Ray: 78ce4c807cf60b65-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
ETag: "ddadf967aba526ea1be92dc839045f9c"
Expires: Sat, 21 Jan 2023 07:22:28 GMT
Last-Modified: Sat, 31 Dec 2022 14:40:34 GMT
CF-Cache-Status: BYPASS
access-control-expose-headers: Content-Type
alt-svc: h2=":443"; ma=60
x-goog-generation: 1672497634016257
x-goog-hash: crc32c=unNB1w==, md5=3a35Z6ulJuob6S3IOQRfnA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 50730
x-guploader-uploadid: ADPycdtSNThGy16mz2LWufw1cR4DVWsn1wHfNIx_5ZdJBVFolt27oMcJOHaOzukgk7UrDT8F5G15BrEPjou74HKpFWvbZxH22B9v
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH5GwVYPty5utUaY3q42iA9MupF9vDxxi%2FY%2B21vNIcxq5%2FJPS8mQ0Y5eJvRVU%2FavyJiwAp3%2BlBeWn%2BJfqp6R1QnhijPxoqGLmfVemUzPNfXawTT5wyEzdhy7Be8BY9b8deWNxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
images8.webydo.com/96/9610060/3958%2f10C027DB-8660-83E1-7480-E2FC1B8EC977.png
172.66.43.85200 OK 58 kB URL HTTP/1.1 images8.webydo.com/96/9610060/3958%2f10C027DB-8660-83E1-7480-E2FC1B8EC977.png
IP 172.66.43.85:0
File type PNG image data, 2788 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash 38156e0dca5d827e62023cdb2a741a12
6cb5ebe648b19406b93513ef3c62a4efc80b8d4b
669ca10da309273ae4679424a1e467adb416d53d670c1edd438036cf173fcaa9
GET /96/9610060/3958%2f10C027DB-8660-83E1-7480-E2FC1B8EC977.png HTTP/1.1
Host: images8.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 07:22:28 GMT
Content-Type: image/png
Content-Length: 57612
Connection: keep-alive
CF-Ray: 78ce4c807828b4f3-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
ETag: "38156e0dca5d827e62023cdb2a741a12"
Expires: Sat, 21 Jan 2023 07:22:28 GMT
Last-Modified: Sat, 31 Dec 2022 14:26:39 GMT
CF-Cache-Status: BYPASS
access-control-expose-headers: Content-Type
alt-svc: h2=":443"; ma=60
x-goog-generation: 1672496799184950
x-goog-hash: crc32c=80T8ew==, md5=OBVuDcpdgn5iAjzbKnQaEg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 57612
x-guploader-uploadid: ADPycdtbbGyjFU2VEx7u8CrElE1myGfdVJGklTXXn7wsualVyfiE4k8e4xnZnzkho6fcNVaL55sWyGN8I-s9C-GDLBYzRI12FCC6
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2Bl6xsBGT%2BX9egMZaHAIpISkckn%2FOXREFIG1zlJEIfbKkd9VOikaJp%2FlXd0skf%2BFTChDR2NunRXtWWOhpiwsdXVpiqfJ%2FJtWzsHPq14Pp4%2B3b%2BvhsSuPFp3kLyjS1sDapUa%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
fonts-api.webydo.com/css?family=Oswald:300,400,700&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic
172.66.40.171200 OK 0 B URL HTTP/2 fonts-api.webydo.com/css?family=Oswald:300,400,700&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic
IP 172.66.40.171:0
GET /css?family=Oswald:300,400,700&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic HTTP/1.1
Host: fonts-api.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:22:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
set-cookie: REDIRECTOR=dr1; path=/
cache-control: private
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8keXVsQz2QA%2BbqcDrwYnZ8k15ZY%2BbeCbMQg8S24QxPziNLlY4IY%2FEQ0M0wFjwbc4wBqXmmMNlsrWIAaLDo8odkNnrCKsBKLJomoKsFHTRYIRMFZzqFGLNnApW3N48GvaGa1fjSHT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce4c7f1886b515-OSL
X-Firefox-Spdy: h2
fonts-api.webydo.com/css?family=Lato:100,100italic,300,300italic,400,italic,700,700italic,900,900italic&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic
172.66.40.171200 OK 0 B URL HTTP/2 fonts-api.webydo.com/css?family=Lato:100,100italic,300,300italic,400,italic,700,700italic,900,900italic&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic
IP 172.66.40.171:0
GET /css?family=Lato:100,100italic,300,300italic,400,italic,700,700italic,900,900italic&subset=latin,cyrillic-ext,greek-ext,greek,latin-ext,hebrew,cyrillic HTTP/1.1
Host: fonts-api.webydo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://site9610060.92.webydo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 07:22:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
set-cookie: REDIRECTOR=dr1; path=/
cache-control: private
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEFOgLlbiXXG2bWMmU1I4GaIOmwB1bb%2BC8oGJCvfBxaRz6%2BLO%2BRkHTXvi3Tbvbi5aZNxgstZ%2F8NliIr7NMmoxKaNtq4HsxM8TZVhhUpk8%2BYZHDmhO7jmjh5SonIeFQitmq24fPOS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ce4c7f68b0b515-OSL
X-Firefox-Spdy: h2