ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 309
Cache-Control: max-age=97480
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:31:31 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 09:36:11 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Thu, 27 Oct 2022 10:12:12 GMT
Date: Thu, 27 Oct 2022 06:31:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZWP+ypgyVxfD4deTMWWQhYITr+E3XIT0/URykNILqHSzzcQovyyHB1l20bpNiPOQ18ChHKobLIUncTkJ4ZsCvQ==
x-amz-request-id: TBF4HNDMVDYZA7EQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 05:39:29 GMT
age: 3122
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2190
Expires: Thu, 27 Oct 2022 07:08:01 GMT
Date: Thu, 27 Oct 2022 06:31:31 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 06:31:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
goldfieldssanddrags.com.au/
110.173.224.245 200 OK 8.3 kB URL HTTP/1.1 goldfieldssanddrags.com.au/
IP 110.173.224.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3945), with CRLF, LF line terminators
Hash 5ea7df24cfcfb2d27b82dc0944a7edc4
698c611a7eee63dff000617e18ff55babea5ca4a
93e4ea6423176e995eb464dd1f7d9cdd277591a7efd68e5e3562b3699518a0a7
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:31 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4; path=/
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
content-encoding: gzip
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0, no-cache
content-length: 8298
content-type: text/html; charset=utf-8
fonts.googleapis.com/css?family=Pathway+Gothic+One
142.250.74.10 200 OK 361 B URL HTTP/1.1 fonts.googleapis.com/css?family=Pathway+Gothic+One
IP 142.250.74.10:0
Hash e760d6eb1dfa919b9f32c3c55ed931cc
cc4b70d3b145917f68ce3c62356edb12792e7894
cd2bc83cddbf99a1ec30bd7210b82f4307895179ff0bac86e5e1ad77361c533a
GET /css?family=Pathway+Gothic+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 27 Oct 2022 06:31:31 GMT
Date: Thu, 27 Oct 2022 06:31:31 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3508
Cache-Control: max-age=95624
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:31:31 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:05:15 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
goldfieldssanddrags.com.au/A.Includes,,_stylesheet.css+shadowbox-3.0.3,,_shadowbox.css,Mcc.SWYPQG3nit.css.pagespeed.cf.ATtb0mcWzB.css
110.173.224.245 200 OK 2.7 kB URL HTTP/1.1 goldfieldssanddrags.com.au/A.Includes,,_stylesheet.css+shadowbox-3.0.3,,_shadowbox.css,Mcc.SWYPQG3nit.css.pagespeed.cf.ATtb0mcWzB.css
IP 110.173.224.245:0
File type ASCII text, with very long lines (6995), with no line terminators
Hash 44e954acbe0f75767d159e1e38189d1a
e5aa1faaa07e028fec8731ad73b9386fa56beeee
f5d64048d370ab49aee19db7912c5d0686216c04d5e3efce86c0389555c9c24d
GET /A.Includes,,_stylesheet.css+shadowbox-3.0.3,,_shadowbox.css,Mcc.SWYPQG3nit.css.pagespeed.cf.ATtb0mcWzB.css HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:31 GMT
server: Apache
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:31 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:31 GMT
x-original-content-length: 5910
vary: Accept-Encoding
content-encoding: gzip
content-length: 2692
content-type: text/css
push.services.mozilla.com/
52.27.12.161 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P9NGTA3L9O8dQ3BJRmdHFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jcZEOh2gfeVSo92vDooZzQLuOvw=
goldfieldssanddrags.com.au/ckfinder/ckfinder.js
110.173.224.245 200 OK 80 kB URL HTTP/1.1 goldfieldssanddrags.com.au/ckfinder/ckfinder.js
IP 110.173.224.245:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (48808), with CRLF line terminators
Hash 5c470dc3f3e96eb026877e1066fbe873
7ff8ec7da49367835195e88535e487e355f88d1e
d5171922355dbb0817d0e3d6d911f251e1cca857eadc0d567ea30a05823019ce
Analyzer Verdict Alert fortinet Phishing
GET /ckfinder/ckfinder.js HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:31 GMT
server: Apache
last-modified: Thu, 16 Jun 2016 07:39:13 GMT
etag: "3e961-5356055a1173c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
transfer-encoding: chunked
content-type: application/javascript
goldfieldssanddrags.com.au/shadowbox-3.0.3/shadowbox.js
110.173.224.245 200 OK 20 kB URL HTTP/1.1 goldfieldssanddrags.com.au/shadowbox-3.0.3/shadowbox.js
IP 110.173.224.245:0
File type ASCII text, with very long lines (28615), with CRLF line terminators
Hash 54c6dc6bbbc9feefcc632661401fcf4f
169dd11c9f34c0cdc5fedda142a1710822e3bf2c
36f4175288f2f01bd41d211e1ce6e37d1d90f2ef4e73cffa0f28e01426d1878f
Analyzer Verdict Alert fortinet Phishing
GET /shadowbox-3.0.3/shadowbox.js HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:32 GMT
server: Apache
last-modified: Wed, 27 Apr 2016 05:04:52 GMT
etag: "101e8-5317059976890-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 19517
content-type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13342
Expires: Thu, 27 Oct 2022 10:13:54 GMT
Date: Thu, 27 Oct 2022 06:31:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
34.120.237.76 200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed4462f023dbabb596a2e3b521425ca1
61b82445b422a5f917bb10640beb6d73eb0e62c3
a02af2897331acc123bf7d54b30929e3bc062a0875b5dea95302ddf60d808ded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 18182
x-amzn-requestid: f1232b1f-32ac-4820-b186-b3bfb928c0b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvSKFF4oAMF2Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f40-0b9bc4d27b7534176cc278ed;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -iSQAX4xEu0e3ym9ovX4jXaBbE6JVQyqZQOI4vNg_uEOO2hFafgl4A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 07:50:45 GMT
age: 81648
etag: "61b82445b422a5f917bb10640beb6d73eb0e62c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd4d7051e9d8525d8ed7d5249b24068d
cbad9147991b1a1b27088f90fe7078d1056a9633
4701cc21f58c8ac8b8ad78a34973b3ade538255868afbf59be40e7f1365bcc20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7542
x-amzn-requestid: 95e8df21-80b6-400a-bcd5-41efdab9cc57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwLH0lIAMFT2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a800-3300914f11c46b9902b30fe4;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Yfx_KpfPPFKISGbuSM0g1eg1VVnevA0t39NFemmMxeTSiiimsMlDkA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:57:10 GMT
age: 30863
etag: "cbad9147991b1a1b27088f90fe7078d1056a9633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 31124
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e307787eef6193fe4988367feb5e07d9
f50d8270aeb43fb15457d961f925cf2b38060240
d69ba1c958614a831462b81a046bb6a59e353db0b63d23b060b84df124057452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9256
x-amzn-requestid: 25249b1e-6ef4-432c-b370-a645259c0727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoeDVHAyIAMFo9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359aa15-73f252de0cc8d8246183f658;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:43:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YEDioWdLIYVSdc9xH-DHZtrdqy49XJmzCgvD0saNYaIO27qaUVnMJQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 22:21:24 GMT
age: 29409
etag: "f50d8270aeb43fb15457d961f925cf2b38060240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67c7146ff56c9463c0b083309a978ea0
707b7879deeb50d13d83aafc7293995e937024a7
b7165804db9a86623445ee8dce01ac6cbbf65cc7f99b60089ca4382a230b093e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4328
x-amzn-requestid: 0d4e3cd2-261d-48ca-9eaa-e8781bba8208
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvjFZtIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fc-78d12691124af7052d77f5be;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zhIR7YHR6tsp4mlWUeYqCk2QjLPiE_uyUwpSptMBqCjjtJQE6Fb5cw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:42 GMT
age: 31251
etag: "707b7879deeb50d13d83aafc7293995e937024a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F468f05a4-ac72-4a66-8993-53a827bffd49.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F468f05a4-ac72-4a66-8993-53a827bffd49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 134b31ca1a6cb74ab6f6c21e27114883
bb13bb4f8876e00be7fb70e0b4f6cd52d0165458
539ee95d515835ade79c63a5c85c138678019563ac0e2f86bcfd7fcc0dc9dce2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F468f05a4-ac72-4a66-8993-53a827bffd49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7436
x-amzn-requestid: 58eb8ffe-f4e6-40f0-a5b0-8c5cb3d32b21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apWAYGh4IAMF0Yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a039b-742161244dced54246938f0d;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 04:05:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KVQ_mvfxGRPLkqBXDjCksjKai7YkIRYvhoRxXJ31A38fDNyJaBl1Wg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 04:08:06 GMT
age: 8607
etag: "bb13bb4f8876e00be7fb70e0b4f6cd52d0165458"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
goldfieldssanddrags.com.au/ckeditor/ckeditor.js
110.173.224.245 200 OK 117 kB URL HTTP/1.1 goldfieldssanddrags.com.au/ckeditor/ckeditor.js
IP 110.173.224.245:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (3176), with CRLF line terminators
Size 117 kB (116816 bytes)
Hash 59eb2bb2eba7e1c91ec05d510e728d46
cd285c7e6f4ee6906a0a19cf920701d5d3dab9ba
09fc5f24be81fff6780782b1bb725757dd3c8ddccaef29a707f75194a688a780
Analyzer Verdict Alert fortinet Phishing
GET /ckeditor/ckeditor.js HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:31 GMT
server: Apache
last-modified: Thu, 16 Jun 2016 07:41:31 GMT
etag: "599ad-535605ddbffe5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
transfer-encoding: chunked
content-type: application/javascript
fonts.gstatic.com/s/pathwaygothicone/v14/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
216.58.207.195 200 OK 7.7 kB URL HTTP/1.1 fonts.gstatic.com/s/pathwaygothicone/v14/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7664, version 1.0\012- data
Hash ddb86a7e867f626554dab8539dcc5a3f
063a49f80334a98eed3aa66c60700f83feae7e4f
96bf4d70d0fcf69ce33ed735e720a716dab9a1232995a24882ec242323db467b
GET /s/pathwaygothicone/v14/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goldfieldssanddrags.com.au
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7664
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 20 Oct 2022 13:20:28 GMT
Expires: Fri, 20 Oct 2023 13:20:28 GMT
Cache-Control: public, max-age=31536000
Age: 580265
Last-Modified: Mon, 09 May 2022 18:44:31 GMT
Content-Type: font/woff2
goldfieldssanddrags.com.au/Images/xradiowest,P20logo.jpg.pagespeed.ic.9bv8uz-3qo.webp
110.173.224.245 200 OK 3.1 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Images/xradiowest,P20logo.jpg.pagespeed.ic.9bv8uz-3qo.webp
IP 110.173.224.245:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 198x67, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5bbfcbb3fb7aa8277d01086e1294712
69657ce1f1c8a2bb0919efe2700d24cdcb92afa2
76f13b0ff776e151f56ccd3a8f1a346c26dc6cadaaaeab0dff677bb16e05638c
Analyzer Verdict Alert fortinet Phishing
GET /Images/xradiowest,P20logo.jpg.pagespeed.ic.9bv8uz-3qo.webp HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
link: <http://goldfieldssanddrags.com.au/Images/radiowest%20logo.jpg>; rel="canonical"
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:10 GMT
x-original-content-length: 38129
content-length: 3094
content-type: image/webp
goldfieldssanddrags.com.au/Images/xdms,P20logo.jpg.pagespeed.ic.IAlIPl_2qD.webp
110.173.224.245 200 OK 2.8 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Images/xdms,P20logo.jpg.pagespeed.ic.IAlIPl_2qD.webp
IP 110.173.224.245:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x79, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2009483e5ff6a839805988138d6b821e
4bdd6ded393cc50a23ae55d3af6c98be45399b1e
a70c8e49eb18750ad6614f906e24459110a56dacecb2cfefcd5e7ad5fd3e2e23
Analyzer Verdict Alert fortinet Phishing
GET /Images/xdms,P20logo.jpg.pagespeed.ic.IAlIPl_2qD.webp HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
link: <http://goldfieldssanddrags.com.au/Images/dms%20logo.jpg>; rel="canonical"
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:10 GMT
x-original-content-length: 32420
content-length: 2838
content-type: image/webp
goldfieldssanddrags.com.au/Images/xhot,P20fm,P20logo.jpg.pagespeed.ic.kvkt1L2fFh.webp
110.173.224.245 200 OK 2.9 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Images/xhot,P20fm,P20logo.jpg.pagespeed.ic.kvkt1L2fFh.webp
IP 110.173.224.245:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 194x71, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 92f92dd4bd9f1612eb764b37b40a1835
b4df1494f57024ec9cc25e861acbba4a6825871b
6e44afde512cfe4c2a187947585bd72abcc0c0f3549c323eaf29359310ea6d47
Analyzer Verdict Alert fortinet Phishing
GET /Images/xhot,P20fm,P20logo.jpg.pagespeed.ic.kvkt1L2fFh.webp HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
link: <http://goldfieldssanddrags.com.au/Images/hot%20fm%20logo.jpg>; rel="canonical"
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:10 GMT
x-original-content-length: 26748
content-length: 2884
content-type: image/webp
goldfieldssanddrags.com.au/ckfinder/userfiles/images/400x261xF03241B0-FF91-4EBC-AF0F-499097C444E2.jpeg.pagespeed.ic.vCUw671qKb.webp
110.173.224.245 200 OK 32 kB URL HTTP/1.1 goldfieldssanddrags.com.au/ckfinder/userfiles/images/400x261xF03241B0-FF91-4EBC-AF0F-499097C444E2.jpeg.pagespeed.ic.vCUw671qKb.webp
IP 110.173.224.245:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x261, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bc2530ebbd6a29b3dd21e3a6be2f42f8
e26027e277bcf744c5a7d11ce050aa43db94d3a9
d0584645ad2b64dcba5085b072494ea3f97dd1e62530b3865f41068113ba6d06
Analyzer Verdict Alert fortinet Phishing
GET /ckfinder/userfiles/images/400x261xF03241B0-FF91-4EBC-AF0F-499097C444E2.jpeg.pagespeed.ic.vCUw671qKb.webp HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
link: <http://goldfieldssanddrags.com.au/ckfinder/userfiles/images/F03241B0-FF91-4EBC-AF0F-499097C444E2.jpeg>; rel="canonical"
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:10 GMT
x-original-content-length: 456231
content-length: 31714
content-type: image/webp
goldfieldssanddrags.com.au/Images/xmainbox,P20bottom.png.pagespeed.ic.7JVkZnLsni.png
110.173.224.245 200 OK 9.3 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Images/xmainbox,P20bottom.png.pagespeed.ic.7JVkZnLsni.png
IP 110.173.224.245:0
File type PNG image data, 1130 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash ec95646672ec9e2d9b364411de270b4c
0fcf06142fbc57f3510a130cc994e743be5f31d2
3adb5872e82047cd88871be028775015a6b9854c1cc3c3e10c9c7617ebf9b33b
GET /Images/xmainbox,P20bottom.png.pagespeed.ic.7JVkZnLsni.png HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/A.Includes,,_stylesheet.css+shadowbox-3.0.3,,_shadowbox.css,Mcc.SWYPQG3nit.css.pagespeed.cf.ATtb0mcWzB.css
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
link: <http://goldfieldssanddrags.com.au/Images/mainbox%20bottom.png>; rel="canonical"
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:10 GMT
x-original-content-length: 12189
content-length: 9321
content-type: image/png
goldfieldssanddrags.com.au/Images/xdirt,P20bg.png.pagespeed.ic.jY9QS0z_Kj.png
110.173.224.245 200 OK 347 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Images/xdirt,P20bg.png.pagespeed.ic.jY9QS0z_Kj.png
IP 110.173.224.245:0
File type PNG image data, 524 x 321, 8-bit/color RGBA, non-interlaced\012- data
Size 347 kB (347188 bytes)
Hash 8d8f504b4cff2a38c53941ba95082453
b53571599cbf92a0702f2e8b9e238f5d8d3f595c
6f2203a133f5ea8becdabfe090d94b29e1f51d2f29bf814ec4091bee8ab5978d
GET /Images/xdirt,P20bg.png.pagespeed.ic.jY9QS0z_Kj.png HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/A.Includes,,_stylesheet.css+shadowbox-3.0.3,,_shadowbox.css,Mcc.SWYPQG3nit.css.pagespeed.cf.ATtb0mcWzB.css
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
link: <http://goldfieldssanddrags.com.au/Images/dirt%20bg.png>; rel="canonical"
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:10 GMT
x-original-content-length: 358709
content-length: 347188
content-type: image/png
goldfieldssanddrags.com.au/Images/xGSDA-banner20152.png.pagespeed.ic.yyg8CorZnJ.png
110.173.224.245 200 OK 40 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Images/xGSDA-banner20152.png.pagespeed.ic.yyg8CorZnJ.png
IP 110.173.224.245:0
File type PNG image data, 1115 x 230, 8-bit/color RGBA, non-interlaced\012- data
Hash cb283c0a8ad99c9e35e897ba5cc16ab5
698a9f885c8a579b38e9b8323e7b8842f122e09a
a511450a7fcdd8368a9d72cec5433c9213e21063713f77cffb5f8b6ac18002f3
GET /Images/xGSDA-banner20152.png.pagespeed.ic.yyg8CorZnJ.png HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/A.Includes,,_stylesheet.css+shadowbox-3.0.3,,_shadowbox.css,Mcc.SWYPQG3nit.css.pagespeed.cf.ATtb0mcWzB.css
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
link: <http://goldfieldssanddrags.com.au/Images/GSDA-banner20152.png>; rel="canonical"
accept-ranges: bytes
expires: Fri, 27 Oct 2023 06:31:10 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Thu, 27 Oct 2022 06:31:10 GMT
x-original-content-length: 59310
content-length: 39974
content-type: image/png
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fgoldfieldssanddrags.kalgoorlie&width=230&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false&appId=165403476853610
31.13.72.36 301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fgoldfieldssanddrags.kalgoorlie&width=230&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false&appId=165403476853610
IP 31.13.72.36:0
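Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; all three are the digests of a zero-length body, consistent with the 0 B response, so they identify no content and are not usable as indicators)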
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fgoldfieldssanddrags.kalgoorlie&width=230&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false&appId=165403476853610 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fgoldfieldssanddrags.kalgoorlie&width=230&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false&appId=165403476853610
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 27 Oct 2022 06:31:34 GMT
Connection: keep-alive
Content-Length: 0
goldfieldssanddrags.com.au/Images/favicon.ico
110.173.224.245 200 OK 33 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Images/favicon.ico
IP 110.173.224.245:0
File type MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 44a2b17ccb4bc0274eaa14ae24f3ee1c
dba17e06fac1eb7b441569986ce91f27ae0f9acc
3a0c370215a753f8608cfb703dd4817ec3050c20ce77101217acd80caa8be1a8
GET /Images/favicon.ico HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:34 GMT
server: Apache
last-modified: Wed, 27 Apr 2016 04:59:56 GMT
etag: "80dc-5317047f12601"
accept-ranges: bytes
content-length: 32988
content-type: image/vnd.microsoft.icon
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b3f691dd015f1e89124ff513ef96aef9
1f8bc004da03321868fa1218f6c21916a944b2a0
5c74f21a5e9897d6671a87e1100749c46eda882c5d49aae706841f5968c5adab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6575
Cache-Control: max-age=168911
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:31:34 GMT
Etag: "6359fce6-1d7"
Expires: Sat, 29 Oct 2022 05:26:45 GMT
Last-Modified: Thu, 27 Oct 2022 03:37:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fgoldfieldssanddrags.kalgoorlie&width=230&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false&appId=165403476853610
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fgoldfieldssanddrags.kalgoorlie&width=230&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false&appId=165403476853610
IP 31.13.72.36:0
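Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; all three are the digests of a zero-length body, consistent with the 0 B response, so they identify no content and are not usable as indicators)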
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fgoldfieldssanddrags.kalgoorlie&width=230&height=35&colorscheme=light&layout=standard&action=like&show_faces=false&send=false&appId=165403476853610 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goldfieldssanddrags.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Qw85dpJ8emEJDyq8tKT/NWkcEQ5qP6PPJzAOymPWxLBoohX67mSQHNdeDcVmd0feiWJeY0QQ8x/ZDaePA3DWpQ==
content-length: 0
date: Thu, 27 Oct 2022 06:31:34 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
goldfieldssanddrags.com.au/Includes/tiza-webfont.woff
110.173.224.245 200 OK 358 kB URL HTTP/1.1 goldfieldssanddrags.com.au/Includes/tiza-webfont.woff
IP 110.173.224.245:0
File type Web Open Font Format, TrueType, length 358312, version 1.0\012- data
Size 358 kB (358312 bytes)
Hash b1ad49b3b7fc432925f0e62a73f6e9fb
f6c246004eb8ad6acb903fc65a6276cdb651c3e6
6b1c1054cf468901bc8eca2bdc8a19253c34c55cc2551f10d2b2ff684973066c
Analyzer Verdict Alert fortinet Phishing
GET /Includes/tiza-webfont.woff HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/A.Includes,,_stylesheet.css+shadowbox-3.0.3,,_shadowbox.css,Mcc.SWYPQG3nit.css.pagespeed.cf.ATtb0mcWzB.css
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 06:31:33 GMT
server: Apache
last-modified: Wed, 27 Apr 2016 05:07:07 GMT
etag: "577a8-5317061a5b6b4"
accept-ranges: bytes
content-length: 358312
content-type: font/woff
goldfieldssanddrags.com.au/mod_pagespeed_beacon?url=http%3A%2F%2Fgoldfieldssanddrags.com.au%2F
110.173.224.245 204 No Content 0 B URL HTTP/1.1 goldfieldssanddrags.com.au/mod_pagespeed_beacon?url=http%3A%2F%2Fgoldfieldssanddrags.com.au%2F
IP 110.173.224.245:0
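Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; all three are the digests of a zero-length body, consistent with the 0 B response, so they identify no content and are not usable as indicators)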
POST /mod_pagespeed_beacon?url=http%3A%2F%2Fgoldfieldssanddrags.com.au%2F HTTP/1.1
Host: goldfieldssanddrags.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 61
Origin: http://goldfieldssanddrags.com.au
Connection: keep-alive
Referer: http://goldfieldssanddrags.com.au/
Cookie: PHPSESSID=r6bmgmg4b74iv4ugk6pcno3tj4
HTTP/1.1 204 No Content
date: Thu, 27 Oct 2022 06:31:35 GMT
server: Apache
cache-control: max-age=0, no-cache
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaba0c7d-aba9-4d63-b7af-fb5906364567.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaba0c7d-aba9-4d63-b7af-fb5906364567.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c546f97a46d3d5b4d0f14a25740e85f3
e33797cbaf946b0b87b61649de8f58d154d3142e
9f894b89727c98bc85db280efa60c126480cf54f3572816ecd0baaa3fc3939a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaba0c7d-aba9-4d63-b7af-fb5906364567.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9573
x-amzn-requestid: 090c9787-04c7-4a35-8a6d-bfed94af69c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZRvNGrKIAMFnAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63539661-53eec558300f7d221d1c9f04;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:06:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EMF1jGddgrObVwvtjVvZMowdi-nz4tW4Rp3cQ--HXT0V9Ss77JOuWQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 09:09:58 GMT
age: 76901
etag: "e33797cbaf946b0b87b61649de8f58d154d3142e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2