r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9623
Expires: Thu, 01 Dec 2022 08:43:51 GMT
Date: Thu, 01 Dec 2022 06:03:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 95
Cache-Control: max-age=102566
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:28 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 10:32:54 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 05:19:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2623
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2792
Expires: Thu, 01 Dec 2022 06:50:00 GMT
Date: Thu, 01 Dec 2022 06:03:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DaFk93/5ldit/oIlSNpkJGIFFohi5EDzqKGsQaWgYU+uw/I2CK+rapNiDImt0B+7ehU22mYQvbU=
x-amz-request-id: 1W8NBQ5NJWF2FHHW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 05:45:32 GMT
age: 1076
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 06:03:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
doremom.com/
198.54.120.243301 Moved Permanently 707 B IP 198.54.120.243:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 01 Dec 2022 06:03:28 GMT
server: LiteSpeed
location: https://doremom.com/
x-turbo-charged-by: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 05:11:15 GMT
cache-control: public,max-age=3600
age: 3133
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 86
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:28 GMT
Last-Modified: Thu, 01 Dec 2022 06:02:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.148.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UxJtKVgNkS7LWstCrtzjpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JzxIS2SnS1RONXfycq+Rl3UnISU=
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash fb4d4c8089a9b575b06f1953c0ea0bd4
076864aaa1d4273cce78c8ee16186c2bb1c8f097
f852458556da080b9362cd6992940ea9669f012005766f5c0fd8013cccfc1fbc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 06:03:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 09:40:54 GMT
Expires: Mon, 05 Dec 2022 09:40:53 GMT
Etag: "076864aaa1d4273cce78c8ee16186c2bb1c8f097"
Cache-Control: max-age=358044,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77299eb15cfcb4ee-OSL
doremom.com/
198.54.120.243200 OK 27 kB IP 198.54.120.243:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9677)
Hash 796b35260bba4c0635b9b9eea0e85740
33b53c5fd0c1e6d567c3603103855f1c0815607f
32b2fc0bcb0fc3d486bebfa8a5982f3783a21ff98c13437618f3a017021cbc1c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://doremom.com/wp-json/>; rel="https://api.w.org/", <https://doremom.com/wp-json/wp/v2/pages/202>; rel="alternate"; type="application/json", <https://doremom.com/>; rel=shortlink
etag: "2111-1669788739;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 26675
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 594b1b87a4a9954588aa22833da6ab05
76af6e206a6d0fcd3a10337041994c7cad11465d
29d88f50b641cd0b5f095a5f03763e6ca2998b3017980ca5ba600267e0b5307a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3985
Cache-Control: max-age=117608
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:29 GMT
Etag: "63875c88-117"
Expires: Fri, 02 Dec 2022 14:43:37 GMT
Last-Modified: Wed, 30 Nov 2022 13:37:12 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1e86fab288811c9d0f09d4b2e0837f32
949b151a9415b82817f39ea09ae85d10c37c7895
41a7e90d2270c97d213dc6dba7eaea42b66d9659b097352cb93c659af32de008
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2141
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:29 GMT
Etag: "6387babe-117"
Last-Modified: Thu, 01 Dec 2022 05:27:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.coingecko.com/coingecko-coin-ticker-widget.js
104.18.30.225200 OK 64 kB URL HTTP/2 widgets.coingecko.com/coingecko-coin-ticker-widget.js
IP 104.18.30.225:0
File type Unicode text, UTF-8 text, with very long lines (33474)
Hash fb31f692babc6054e1d6767a986870eb
b05aaa6bfa604a36b4db35844269434c331a4a05
06a4d65374e399f85d820ba54479da6655e768edef888608118c3b56e46c839e
GET /coingecko-coin-ticker-widget.js HTTP/1.1
Host: widgets.coingecko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 06:03:29 GMT
content-type: application/javascript
cf-ray: 77299eb63bccb505-OSL
age: 566976
cache-control: public, max-age=86400
etag: W/"3a76d026378b013c53cf89ee3b562db4"
expires: Fri, 02 Dec 2022 06:03:29 GMT
last-modified: Thu, 22 Sep 2022 06:46:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=213384
x-amz-id-2: GB+rhzNPbSnG9sRxor3YboKOFjXkvBIOxnPNBCI+/7Hcew91ox3HI0M9GIj/Iyy3/v35wSJTPOw=
x-amz-request-id: MDN62077FJTFCR62
x-amz-version-id: null
set-cookie: __cf_bm=n0zq0Kamo7K_SI6C49bX_nwRTwQKJsZg44PO.LIZEzg-1669874609-0-AWuJ88+jJX05y7VapH2a/0N+NA79oVevFKBUQ6n6irmTokfgnJVTDUg7riOALrIGA+CUM1AvuYnFq6suGju+fWI=; path=/; expires=Thu, 01-Dec-22 06:33:29 GMT; domain=.coingecko.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CKhula%3Aregular%2C700%2Cregular%2C800%7CExo+2%3A700%7CRoboto%3Aregular%7CRoboto+Condensed%3A700&display=swap&ver=1.2.5
142.250.74.106200 OK 1.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CKhula%3Aregular%2C700%2Cregular%2C800%7CExo+2%3A700%7CRoboto%3Aregular%7CRoboto+Condensed%3A700&display=swap&ver=1.2.5
IP 142.250.74.106:0
Hash f63e88f420ca54b6e3885b31b283f463
06ab52192f1d621ec2ed609ef56a1ca5ad615ae0
ed6c9a0f7241b884a899c243d1eca0a4d44ead505ef970b5c18806ced0795a3d
GET /css?family=Open+Sans%3Aregular%2C700%7CKhula%3Aregular%2C700%2Cregular%2C800%7CExo+2%3A700%7CRoboto%3Aregular%7CRoboto+Condensed%3A700&display=swap&ver=1.2.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 06:03:29 GMT
date: Thu, 01 Dec 2022 06:03:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
198.54.120.243200 OK 42 kB URL HTTP/2 doremom.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (65358)
Hash a42125daa1bf4835bd80f616b2f538ec
f6fbf48eec4c1e3d203d713ce29aa7e8a3742305
cf455434a5ed07a1fafa1052cd1fb1fa750957d2d25cec8284743d41179c8040
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 42005
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
198.54.120.243200 OK 11 kB URL HTTP/2 doremom.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 198.54.120.243:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 21:11:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10946
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/assets/css/elementor-frontend.css?ver=1.0.0
198.54.120.243200 OK 152 B URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/css/elementor-frontend.css?ver=1.0.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (681), with no line terminators
Hash afbecb035f62be271638a5ad22f76c03
b8eacb2e5b706609dd9b2a203acc225cb45c3415
e31b51f39fddd00826e4c540a22c0023aefde1e8e00c4cf0885006348a177a44
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/elementor-frontend.css?ver=1.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 152
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/style.css?ver=6.0.3
198.54.120.243200 OK 220 B URL HTTP/2 doremom.com/wp-content/themes/jnews/style.css?ver=6.0.3
IP 198.54.120.243:0
Hash cb425c72f3c85ee042d243710cf0cf46
3958efea56ccae50b57c1f166a04207f27f99764
8db9927741da82894e0e0d3c8480aaa44612d9570c12aa2f4dc8774188ffe74b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/style.css?ver=6.0.3 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 220
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Thu, 01 Dec 2022 09:56:58 GMT
Date: Thu, 01 Dec 2022 06:03:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Thu, 01 Dec 2022 09:56:58 GMT
Date: Thu, 01 Dec 2022 06:03:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Thu, 01 Dec 2022 09:56:58 GMT
Date: Thu, 01 Dec 2022 06:03:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Thu, 01 Dec 2022 09:56:58 GMT
Date: Thu, 01 Dec 2022 06:03:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F454095ab-a1f1-4a4f-bb9e-68ca835c0b19.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F454095ab-a1f1-4a4f-bb9e-68ca835c0b19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8fd0816eb402409135c039ae8366346
8a2adf9f19759d833bc4bc16d52de6c59fba355b
a398e0653664609674795d6310ec79310edbe30c216dc3c54f28f9d6442dfccc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F454095ab-a1f1-4a4f-bb9e-68ca835c0b19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7446
x-amzn-requestid: 4e1e09be-e182-47b9-ada5-6b4774f291c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cc5drFUroAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63883c57-046a05ce234dd47e20b1e7b9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 05:32:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQMobI2TofCUD0-99Xw1f6Wp2P_VVpuxCkHdqotAxUaufp9DFd1Hig==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:36:17 GMT
age: 1633
etag: "8a2adf9f19759d833bc4bc16d52de6c59fba355b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
198.54.120.243200 OK 222 B URL HTTP/2 doremom.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
IP 198.54.120.243:0
File type ASCII text, with CRLF line terminators
Hash 5d802ffcf2738d35eeb5e6e0a4f72d97
feee0778c97f864e261237507a302244da2b3e9a
d895c4332738ba31965dc75f0907fdc1ba7c63a670d2dec49a39ba40d2f44678
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews-child/style.css?ver=1.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 222
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 08:50:17 GMT
age: 76393
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
198.54.120.243200 OK 6.6 kB URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (45976), with no line terminators
Hash cc0b291aa0183764aa77d1307d1db968
c93ae3036eff0961aa0086d108cb7597b173565a
95d33ba48800ac3ed31a8d68598c8f89ac5366b04c919cb790e9b88410898d36
GET /wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6568
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/data/import/androidnews/scheme.css?ver=1.0.0
198.54.120.243200 OK 425 B URL HTTP/2 doremom.com/wp-content/themes/jnews/data/import/androidnews/scheme.css?ver=1.0.0
IP 198.54.120.243:0
Hash 0bad807339ff114a7e66647c181d5c19
42326f67f4a3f33789eaa7bdfaded847e9d53f3c
12f8c4d10c829997f0ab6790881620402366e99fa249aa5f721d53f8b56c6a05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/data/import/androidnews/scheme.css?ver=1.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 425
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/jnews-social-share/assets/css/plugin.css
198.54.120.243200 OK 374 B URL HTTP/2 doremom.com/wp-content/plugins/jnews-social-share/assets/css/plugin.css
IP 198.54.120.243:0
File type ASCII text, with very long lines (1138), with no line terminators
Hash d876e557286be18d4dc57d8665fcd659
388db49e04b42effe98ada1d65370dcfa366750b
92a37cac2aaa07864d31297be1322ed7e36f58298f0c8e0d4901f5c7496ec016
GET /wp-content/plugins/jnews-social-share/assets/css/plugin.css HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 374
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=8.0.0
198.54.120.243200 OK 507 B URL HTTP/2 doremom.com/wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=8.0.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (2382), with no line terminators
Hash 510318b35dffbb47f27abacd2178c4d1
d005545c8cb43c7052dd9cd6a80d78f2b5c55a9e
c90734c299556b08b5ee75c44e012aef7cfa4a901d48b4282e8acd5d4f551ff8
GET /wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=8.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 507
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
198.54.120.243200 OK 85 kB URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c60f59ad3929ddddbcbd1243483c7fa6
85cc51781809e44d8d87c680050cad765aafb384
3105beef5165204a7d2edaf1b90a6ec24fb854c4e2d27eae0d68d8725815fed6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 84782
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/assets/img/jeg-empty.png
198.54.120.243200 OK 70 B URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/img/jeg-empty.png
IP 198.54.120.243:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c0ddcc7cc2d334254808ae1d918f9ee7
6ea24d025387ce247fa530f14778ef7ada4683d5
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
GET /wp-content/themes/jnews/assets/img/jeg-empty.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: image/png
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 70
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2021/08/Untitled.png
198.54.120.243200 OK 3.2 kB URL HTTP/2 doremom.com/wp-content/uploads/2021/08/Untitled.png
IP 198.54.120.243:0
File type PNG image data, 287 x 66, 8-bit/color RGB, non-interlaced\012- data
Hash b480bc45475e7f5d0fb8d5d172289c9c
116dafae61d293951f4b0201607550c5bc8c8bfc
6983a06c62317b5b7e7ada826969433e53186d698d176450f77341a7118dac36
GET /wp-content/uploads/2021/08/Untitled.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: image/png
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 3188
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/jnews-weather/assets/css/plugin.css?ver=8.0.1
198.54.120.243200 OK 2.1 kB URL HTTP/2 doremom.com/wp-content/plugins/jnews-weather/assets/css/plugin.css?ver=8.0.1
IP 198.54.120.243:0
File type ASCII text, with very long lines (13690), with no line terminators
Hash c35dbd7a9539f9d82ec6976e82ca4119
2f1011a8d4de81f4f88de41a2b7862e5ae33c97e
b8379b85adcd8ef299b13caa177098379e2bd96d88789c78d17215f9d31649f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jnews-weather/assets/css/plugin.css?ver=8.0.1 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2134
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
198.54.120.243200 OK 668 B URL HTTP/2 doremom.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 198.54.120.243:0
File type ASCII text, with very long lines (1464)
Hash b57bb5f7f55be8837811df1bbfebd197
a9fd3372526724938daa13cba926cff79395cbae
26512154e931a4b5441386af49e0e6d93a298ec6ae9ce2088d292cba42d61c7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 15:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 668
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.54.120.243200 OK 4.0 kB URL HTTP/2 doremom.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.54.120.243:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f07f254d44ff2fb86ee22cee39ef3eb0
0660a548a491d4a58ca2246f094f0553437c3f61
859b2416d638b1dc91ff563800517124b38d45b4c5db99e21539c1700829dbe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: ef9e5eb9-b7b3-41e9-9837-a5979ab35d94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91OFzsoAMFcew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-53b152c0027d26e52383e27e;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F_ZBWwAOPbEjvMD1ChrgN9QYUyyFYdtRT6CcX6gviowmeinPRgVtnA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:19:21 GMT
age: 6249
etag: "0660a548a491d4a58ca2246f094f0553437c3f61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb4b8985f697c1ff7753d3961fb4f67d
b412d62d44993500b947a38e8e242d0c6d6b7588
571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5295
x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzM0HmuoAMF4Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:17:18 GMT
age: 27972
etag: "b412d62d44993500b947a38e8e242d0c6d6b7588"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 609419f1a2c58ae67febde5e2cb91c9f
bfb37735a2500848338a8fa12f28516a1ad9b5ba
32a4a65c8bd4da715b5331537bd606bab2767ad8c07af3b8aebbe5cad5591812
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3751
x-amzn-requestid: 80396218-5515-4f77-9d57-95b323e1f1c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzNHHGGoAMF8mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbed-09f83d1a5b7f65175fb137ab;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _mQdH9J5CaTiYNIQf5xVn-HGUP5tKhW_1foVDdpsVIoG_NKb9wZOJg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 29625
etag: "bfb37735a2500848338a8fa12f28516a1ad9b5ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1039182464db1365a476dd88029b97d8
06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac
2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12655
x-amzn-requestid: db51cc10-5e13-4d63-a15b-a1c62b159f7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzNfFvloAMFgqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbef-67ec32d74521865c7f800ac6;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mctLVf0ho2G4skGRA0gpSH5HVoAUeH7YOyY1QA4_abODLKqRIX0eTg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:09:11 GMT
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac"
content-type: image/jpeg
age: 28459
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=8.0.0
198.54.120.243200 OK 398 B URL HTTP/2 doremom.com/wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=8.0.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (907), with no line terminators
Hash 1f641b0f3f46f019151a9465b643d076
cac61180d492544c4bb7593d6ea448ae5baaca4d
f6b82719bb7d02abe886f7636bc751cfa3711c064f5b9eaf229a7da223890016
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=8.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 398
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
198.54.120.243200 OK 1.2 kB URL HTTP/2 doremom.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
IP 198.54.120.243:0
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.0.3 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 15:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1228
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
198.54.120.243200 OK 1.7 kB URL HTTP/2 doremom.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 198.54.120.243:0
File type ASCII text, with very long lines (5477)
Hash fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1733
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
198.54.120.243200 OK 4.6 kB URL HTTP/2 doremom.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 198.54.120.243:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 15:53:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
198.54.120.243200 OK 5.6 kB URL HTTP/2 doremom.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (20418)
Hash c15318397253a9f8bc4e80fc9be51955
543b224eb0fce0d85b1290a1e20c3b2415be3a22
2d67bfb3628d93c140d563b4bc572f54da1e330fb8d54ff9035214607a5bde6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5560
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/jnews-social-share/assets/js/plugin.js
198.54.120.243200 OK 1.2 kB URL HTTP/2 doremom.com/wp-content/plugins/jnews-social-share/assets/js/plugin.js
IP 198.54.120.243:0
File type ASCII text, with very long lines (3451), with no line terminators
Hash 208c834864b34cf00ede6835ef6552de
feeb9b51a0725ae5f59e5caa48f15ce343a65c62
460c851825f3e4484115c7b38109c227103b747841c323b91ef2aa18d4dca824
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jnews-social-share/assets/js/plugin.js HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1186
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/plugins/jnews-weather/assets/js/plugin.js?ver=8.0.1
198.54.120.243200 OK 679 B URL HTTP/2 doremom.com/wp-content/plugins/jnews-weather/assets/js/plugin.js?ver=8.0.1
IP 198.54.120.243:0
File type Unicode text, UTF-8 text, with very long lines (2426), with no line terminators
Hash 6655735778ec50139c5a7df91e33c829
681c09411bf44df4ed0a27dd2fb3dee1cae697ca
85d4d44c62b0e6c39591a2168a105347080b063ab7177ceef9f6e4487a14ab7e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jnews-weather/assets/js/plugin.js?ver=8.0.1 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 679
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
198.54.120.243200 OK 30 kB URL HTTP/2 doremom.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 198.54.120.243:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30273
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 37776
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/khula/v12/OpNCnoEOns3V7GcOrg4.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/khula/v12/OpNCnoEOns3V7GcOrg4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10792, version 1.0\012- data
Hash 478fcf4165ac4b9c9b5f961bea804119
201f57d657cfaf01f0bdf2c4b44498ad017352a4
b6fbcd060bcdfb2f4dc48f9af9d4ac6f06bed89e24651f1d3cd33a0fc6d4a5a3
GET /s/khula/v12/OpNCnoEOns3V7GcOrg4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 02:51:56 GMT
expires: Sat, 25 Nov 2023 02:51:56 GMT
cache-control: public, max-age=31536000
age: 529894
last-modified: Tue, 26 Apr 2022 15:28:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:42:24 GMT
expires: Thu, 30 Nov 2023 19:42:24 GMT
cache-control: public, max-age=31536000
age: 37266
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/exo2/v20/7cH1v4okm5zmbvwkAx_sfcEuiD8jWfWsOdC_.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/exo2/v20/7cH1v4okm5zmbvwkAx_sfcEuiD8jWfWsOdC_.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15712, version 1.0\012- data
Hash a4564500d2af8b6397c0b83d3565a3c2
62f44240a2afe1f4fd3be8838db06702210317fa
a9bdf5e50a2927fea494b0244e21f6bf791d9ab50e79b05eef324b2c55c406fb
GET /s/exo2/v20/7cH1v4okm5zmbvwkAx_sfcEuiD8jWfWsOdC_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 03:38:52 GMT
expires: Wed, 29 Nov 2023 03:38:52 GMT
cache-control: public, max-age=31536000
age: 181478
last-modified: Mon, 11 Jul 2022 19:19:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/khula/v12/OpNPnoEOns3V7G-1ixvTpi8.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/khula/v12/OpNPnoEOns3V7G-1ixvTpi8.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10576, version 1.0\012- data
Hash 7d1e51ee12a67b9bad11a2de0bac2d94
218a13985afb1910dfc3d72432dd732f2ea27874
a94555e0e3d6452d3569dcc2429db72d5443f4293afa6045df3ec12b2ff20a41
GET /s/khula/v12/OpNPnoEOns3V7G-1ixvTpi8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:05:47 GMT
expires: Wed, 29 Nov 2023 17:05:47 GMT
cache-control: public, max-age=31536000
age: 133063
last-modified: Tue, 26 Apr 2022 15:28:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 213049
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/khula/v12/OpNPnoEOns3V7G-1ixvdpi9NXw.woff2
216.58.207.227200 OK 2.7 kB URL HTTP/2 fonts.gstatic.com/s/khula/v12/OpNPnoEOns3V7G-1ixvdpi9NXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 2728, version 1.0\012- data
Hash 17e1a3217fd0679ddc30c37fbb1a2d3f
5df52da70f97ea87cae72c73071dd717a5fce9aa
4901eeb50918d8f32260eedc0c58d190471fbfd479ec6d6a6624cd824ced3557
GET /s/khula/v12/OpNPnoEOns3V7G-1ixvdpi9NXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 2728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 20:44:51 GMT
expires: Fri, 24 Nov 2023 20:44:51 GMT
cache-control: public, max-age=31536000
age: 551919
last-modified: Tue, 26 Apr 2022 15:29:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:57:48 GMT
expires: Tue, 28 Nov 2023 18:57:48 GMT
cache-control: public, max-age=31536000
age: 212742
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
216.58.207.227200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:55:01 GMT
expires: Thu, 30 Nov 2023 19:55:01 GMT
cache-control: public, max-age=31536000
age: 36509
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14040, version 1.0\012- data
Hash eadd44d829d43ddf48870c2073f1a7ca
fc04b04f37e0988001c81be96bca33c4d866450f
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doremom.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 22:52:00 GMT
expires: Tue, 28 Nov 2023 22:52:00 GMT
cache-control: public, max-age=31536000
age: 198690
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ea3b8ef15bc744fd0ccdca7e129f105f
28f62ab1a410493b5e24e70f91eda527dc2dd7a6
baaebaa25c21ff24e6d7c2aa25d7ed1118ef1e40033d9c4dfd62e4cc77a232d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4840
Cache-Control: max-age=124549
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:30 GMT
Etag: "6387744f-117"
Expires: Fri, 02 Dec 2022 16:39:19 GMT
Last-Modified: Wed, 30 Nov 2022 15:18:39 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
doremom.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
198.54.120.243200 OK 4.4 kB URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
IP 198.54.120.243:0
File type GIF image data, version 89a, 100 x 75\012- data
Hash c225d4001dc31c7ff8e290129f436175
b27a1dcbf1accdee9b64db482e72ac3972363915
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
GET /wp-content/themes/jnews/assets/dist/image/preloader.gif HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:30 GMT
content-type: image/gif
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 4399
date: Thu, 01 Dec 2022 06:03:30 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/11/Onomy-raises-10-million-750x422.jpg
198.54.120.243200 OK 13 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/11/Onomy-raises-10-million-750x422.jpg
IP 198.54.120.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 750x422, components 3\012- data
Hash a4b8dbcbc4c9ec2ecab9aa2779e18789
9bf3bd42d2d8d896157f9858149ea61a0418fc66
e5a24d9d64e47e8e1a75a4721ac0569f155d877986be43f9c05056e3cf9728a5
GET /wp-content/uploads/2022/11/Onomy-raises-10-million-750x422.jpg HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:30 GMT
content-type: image/jpeg
last-modified: Wed, 23 Nov 2022 16:42:39 GMT
accept-ranges: bytes
content-length: 12622
date: Thu, 01 Dec 2022 06:03:30 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
198.54.120.243200 OK 77 kB URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
IP 198.54.120.243:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://doremom.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:30 GMT
content-type: font/woff2
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 77160
date: Thu, 01 Dec 2022 06:03:30 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/2714.svg
192.0.77.48200 OK 361 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2714.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (361), with no line terminators
Hash 7b3ff12d16d96ca77345da9450986dc7
220f77197faa7aed5c3217b1f8cec35518a96137
e98cb75b135ff35e1d3c27667101fc6ac910aa2c7e6b52ff09d06c537f4de8d6
GET /images/core/emoji/14.0.0/svg/2714.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 06:03:31 GMT
content-type: image/svg+xml
content-length: 361
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP 142.250.74.131:0
Hash 22576f7915661aaa0d1329f09629846f
f63399055cae71c09084e5d348096d4862bf6a60
67f059126f501d74a953f3260d38f88a2efcd00d9dc48a7f431fbf64f2e8a535
POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doremom.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
198.54.120.243200 OK 7.1 kB URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
IP 198.54.120.243:0
File type Web Open Font Format, CFF, length 7144, version 1.0\012- data
Hash 80f6e7a7a6eb44255aeb06a2d5b5ea41
4ded570e00c9c96cc3cf18e770903cb60e360ce4
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/dist/font/jegicon.woff HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://doremom.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: font/woff
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 7144
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/static/v4/live.js
139.99.46.91200 OK 29 kB URL HTTP/2 cdn.livetrafficfeed.com/static/v4/live.js
IP 139.99.46.91:0
Hash a392754def136fdca444aee12a968ea7
3f94e118c60c35960c60e0cefac9547d73e93534
890e5f70067d401b3d5337163fa9423d542e82db6962a16302b999863e791eae
GET /static/v4/live.js HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:53 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 22:05:15 GMT
vary: Accept-Encoding
etag: W/"6387d39b-be9d"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:53 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/11/gsa-350x250.jpg
198.54.120.243200 OK 22 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/11/gsa-350x250.jpg
IP 198.54.120.243:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13], baseline, precision 8, 350x250, components 3\012- data
Hash 02a7ae150feb28a21e5398be6d291080
c2cef8dd9bd98e76898d995dda1ea83842739f34
d195d29d92bed05635c1a293adb6b68a65287376fd0c78c6173403593103bedb
GET /wp-content/uploads/2022/11/gsa-350x250.jpg HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/jpeg
last-modified: Sun, 27 Nov 2022 05:39:52 GMT
accept-ranges: bytes
content-length: 21773
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=doremom.com&_ss=1sozoypr9f&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=731s&_cb=_dtspv.c
141.101.120.11200 OK 1.5 kB URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=doremom.com&_ss=1sozoypr9f&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=731s&_cb=_dtspv.c
IP 141.101.120.11:0
File type ASCII text, with no line terminators
Hash ac01595ffcd9326e4b5a9c62710c719f
b917680515b51e3cf61e16e82b703bda326a1574
8ea268d065565221278a926a4fb4639083ed085bab43f48f668d5932877e17bc
GET /pv/?_a=v&_h=doremom.com&_ss=1sozoypr9f&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=731s&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Cookie: m=1; oa=1; df=1669874611
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 06:03:31 GMT
content-type: application/javascript
x-t: 0.129
x-c: 0
expires: Thu, 01 Dec 2022 06:03:30 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzcOosP4mGoOFn1XhFX0Tr7i2mCMFfHkY3HsiSkMeBAhxylV1G2HX6HgdhNTsZsIZ3%2Bs0VTX6oFER5Nun%2FyCfFhZNz%2FR94Gs6Zl%2B6IVQleSVOcTKoV9fkglYYGISt%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77299ec1ed89991e-ARN
content-encoding: br
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/11/Untitled_1-350x250.jpg
198.54.120.243200 OK 16 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/11/Untitled_1-350x250.jpg
IP 198.54.120.243:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x250, components 3\012- data
Hash 2bbe749351697cd18723112d4e45cdcb
27e804d26cd9641baf91b98fe39024ef7d45b3cf
f2c3654927380d6296356f1148955005aee7a71bc3c379176ba6b06af658e44a
GET /wp-content/uploads/2022/11/Untitled_1-350x250.jpg HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/jpeg
last-modified: Sat, 26 Nov 2022 10:39:21 GMT
accept-ranges: bytes
content-length: 16056
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/11/Screenshot_5-350x250.png
198.54.120.243200 OK 18 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/11/Screenshot_5-350x250.png
IP 198.54.120.243:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 489fb88f57e75e684cdb1f9947872210
77b591cbd3fee69245a016d8c47351f179ba8c97
93a11a310601ed6f404dadc90266969aeb4561c58e4f0cdf09dba1ad46a0d637
GET /wp-content/uploads/2022/11/Screenshot_5-350x250.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/png
last-modified: Sat, 26 Nov 2022 04:58:50 GMT
accept-ranges: bytes
content-length: 17664
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/10/anh-nen-bai-viet-8-350x250.jpg
198.54.120.243200 OK 40 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/10/anh-nen-bai-viet-8-350x250.jpg
IP 198.54.120.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=856, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1640], baseline, precision 8, 350x250, components 3\012- data
Hash aa2fb11fbe030b6da6666fec6e22f2d3
eb8330f587f317594d09beac00760f8a920e0e0a
29f4464380d49d5de187f64d323ce9672240c2e0c32b283aaa52539285c0959b
GET /wp-content/uploads/2022/10/anh-nen-bai-viet-8-350x250.jpg HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/jpeg
last-modified: Tue, 11 Oct 2022 16:39:16 GMT
accept-ranges: bytes
content-length: 40542
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
api.coingecko.com/api/v3/coins/bitcoin?developer_data=false&community_data=false&tickers=false
104.18.28.120200 OK 16 kB URL HTTP/2 api.coingecko.com/api/v3/coins/bitcoin?developer_data=false&community_data=false&tickers=false
IP 104.18.28.120:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (62830), with no line terminators
Hash 17ed16348db6645fa26846dc7a597014
119e4a0c932512d694be6154534633ab2ab17ccc
b4b58b4c935af3c2c827817ec747bba77258207790af266ad065e38418abb54d
GET /api/v3/coins/bitcoin?developer_data=false&community_data=false&tickers=false HTTP/1.1
Host: api.coingecko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doremom.com/
Origin: https://doremom.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 06:03:31 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-expose-headers: link, per-page, total
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: public, max-age=120
access-control-request-method: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
vary: Accept-Encoding, Origin
etag: W/"9d5f9a1f9cd10f30f76dee18bb5bcd82"
x-request-id: 689e7cc9-b278-43df-a14c-3632bd041c8f
x-runtime: 0.076785
alternate-protocol: 443:npn-spdy/2
cf-cache-status: MISS
expires: Thu, 01 Dec 2022 06:05:31 GMT
server: cloudflare
cf-ray: 77299ebe8bf8b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
livetrafficfeed.com/images/overlay2.png
139.99.46.91200 OK 980 B URL HTTP/2 livetrafficfeed.com/images/overlay2.png
IP 139.99.46.91:0
File type PNG image data, 500 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f06825c7a2999dcf54f51c1c28a28e4
914d84fb0e32010dc7af1975214dc0c2c8ba0dde
3f1cdebfe02e8e40b8f88d9166bcf096678cf8f907fa736b13e99412479af55c
GET /images/overlay2.png HTTP/1.1
Host: livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 980
last-modified: Sat, 09 Dec 2017 14:18:30 GMT
etag: "5a2bf0b6-3d4"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
livetrafficfeed.com/static/v5/jquery.js?ranid=HIKWk4LZeTG1pJ2TmfloMqoV08bQj3NkhYIrPWQvgMGw2KvNii&cookie_id=&link=https%3A%2F%2Fdoremom.com%2F&clientwidth=1280&clientheight=1024&num=10&title=A%20place%20to%20share%20all%20tools%20-%20Doremom&referrer=&timezone=America%2FNew_York&root=0
139.99.46.91200 OK 1.2 kB URL HTTP/2 livetrafficfeed.com/static/v5/jquery.js?ranid=HIKWk4LZeTG1pJ2TmfloMqoV08bQj3NkhYIrPWQvgMGw2KvNii&cookie_id=&link=https%3A%2F%2Fdoremom.com%2F&clientwidth=1280&clientheight=1024&num=10&title=A%20place%20to%20share%20all%20tools%20-%20Doremom&referrer=&timezone=America%2FNew_York&root=0
IP 139.99.46.91:0
Hash 0210cdec1edc612c7acd70f0b2bc10fd
e1d72d3904a0fafe7e1ca9769bf2357f87774264
d00f189100789c3d1aba278434fcb5d50e670251cb6dd9aa016ace01ecff7867
GET /static/v5/jquery.js?ranid=HIKWk4LZeTG1pJ2TmfloMqoV08bQj3NkhYIrPWQvgMGw2KvNii&cookie_id=&link=https%3A%2F%2Fdoremom.com%2F&clientwidth=1280&clientheight=1024&num=10&title=A%20place%20to%20share%20all%20tools%20-%20Doremom&referrer=&timezone=America%2FNew_York&root=0 HTTP/1.1
Host: livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=0q1eqv884j3capkivh2qoaank2; path=/
LTFSESSID=0q1eqv884j3capkivh2qoaank2; expires=Fri, 01-Dec-2023 11:28:41 GMT; Max-Age=31556926; path=/
server: Nginx
strict-transport-security: max-age=31536000
x-frame-options: ALLOWALL
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Fdoremom.com%2F&j=
141.101.120.11200 OK 1.4 kB URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Fdoremom.com%2F&j=
IP 141.101.120.11:0
File type ASCII text, with very long lines (2077)
Hash 7783dc3d36537737ed5e6127936d0080
fb8c5b78800026f418f083e9a45d96a8c57b4084
b598564aa9e60370c0f44f857281e76bde2a09fdc1e81f689d3ad62485baa883
GET /i/?l=https%3A%2F%2Fdoremom.com%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 06:03:31 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Thu, 01-Dec-2022 07:26:51 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Thu, 01-Dec-2022 10:03:31 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1669874611; Domain=dtscout.com; Expires=Sat, 11-Mar-2023 06:03:31 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.481
expires: Thu, 01 Dec 2022 06:03:30 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIw7OeQmozy9sXIwwi5zZwBxtKb7dsFuTzq94ro8b7YrtcThZ%2BNTO8Po3rOOfpELkuxSAYf0j0E%2BZaHyE6iu%2FlbLintxGNRrwyLoNSpyNJvfcYqewoVzg0cOAqJkSg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77299ec02c47991e-ARN
content-encoding: br
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/flags/16/no.png
139.99.46.91200 OK 263 B URL HTTP/2 cdn.livetrafficfeed.com/images/flags/16/no.png
IP 139.99.46.91:0
File type PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c698dc0069805232289036d6be01685
e5dbcff899f3cba5f96d1a2055b9889e2b5165e4
f747bb481806261bd343e4bec38d28d214d35d8b0111f911b2bc6c31d7bcb2c6
GET /images/flags/16/no.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 263
last-modified: Wed, 30 Nov 2022 22:05:08 GMT
etag: "6387d394-107"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/browser/11/headless-chrome.png
139.99.46.91200 OK 488 B URL HTTP/2 cdn.livetrafficfeed.com/images/browser/11/headless-chrome.png
IP 139.99.46.91:0
File type PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash de6c44215cca88408afadb07ecf57d89
cf82898f79ac0ffcbc5321616473c25e7f2a2939
9bfb01aa150850a42b1a781d863ded8e8de10700f1af93d591780854cec39551
GET /images/browser/11/headless-chrome.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 488
last-modified: Wed, 30 Nov 2022 22:05:10 GMT
etag: "6387d396-1e8"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/os/11/gnu-linux.png
139.99.46.91200 OK 480 B URL HTTP/2 cdn.livetrafficfeed.com/images/os/11/gnu-linux.png
IP 139.99.46.91:0
File type PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash d110a96a644c7b3720097ba6a11540dd
1c1886711edb648ffe815ecb7da3329a24033d95
ac0a0d5e922d3cbd22951eecd77c775846dc77d6b5c073d31dfd95523eb9d8f2
GET /images/os/11/gnu-linux.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 480
last-modified: Wed, 30 Nov 2022 22:05:07 GMT
etag: "6387d393-1e0"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/flags/16/us.png
139.99.46.91200 OK 354 B URL HTTP/2 cdn.livetrafficfeed.com/images/flags/16/us.png
IP 139.99.46.91:0
File type PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 812fc61ed8dadb41ff71830f28cbd597
bde1e4cdf65c106437a0bef8318c05a35d9f4fc2
7463892aa3cd85096c84caf30395737dcece130390217ee71745efaeaa1f5f33
GET /images/flags/16/us.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 354
last-modified: Wed, 30 Nov 2022 22:05:08 GMT
etag: "6387d394-162"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/browser/11/chrome.png
139.99.46.91200 OK 481 B URL HTTP/2 cdn.livetrafficfeed.com/images/browser/11/chrome.png
IP 139.99.46.91:0
File type PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ff70070b6453f5fb1c9517c52799a7c
436da68e5234e19477219d5f1cc056e3cd20a45f
7ebe3d9862ecc191accde39c1b4bb8f97a0517e4b0c49d687511b443513e7145
GET /images/browser/11/chrome.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 481
last-modified: Wed, 30 Nov 2022 22:05:09 GMT
etag: "6387d395-1e1"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/flags/16/vn.png
139.99.46.91200 OK 288 B URL HTTP/2 cdn.livetrafficfeed.com/images/flags/16/vn.png
IP 139.99.46.91:0
File type PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash c4846396ee03766eb0e4fc1233591013
1ab051669388632f9a56ed58e4ce0c81d64a7aa0
cab08d59ea275b9acd0d010b3f9c82fcd2d681f890b73923669440ff8a04dd50
GET /images/flags/16/vn.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 288
last-modified: Wed, 30 Nov 2022 22:05:08 GMT
etag: "6387d394-120"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/flags/16/fr.png
139.99.46.91200 OK 196 B URL HTTP/2 cdn.livetrafficfeed.com/images/flags/16/fr.png
IP 139.99.46.91:0
File type PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c1d7594a8398ef135cdf6e8197aabf
9937c7d16718e8dcc43bbb5207e3e0e69e717a54
36e8322f5c94a920f8016a3d3de7f9e9ad1ad88bbd541372ff4b6b10e7ea9ff6
GET /images/flags/16/fr.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 196
last-modified: Wed, 30 Nov 2022 22:05:08 GMT
etag: "6387d394-c4"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/browser/11/unknown.png
139.99.46.91200 OK 437 B URL HTTP/2 cdn.livetrafficfeed.com/images/browser/11/unknown.png
IP 139.99.46.91:0
File type PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash d8dc3cbb880a0f4f997899ec2d62e8b8
d857c5e4810116f4d8191e9ef1b1f0f5be283c71
b0b48dac300bf9c9c0382b08afd8ac16dda3161bf36d13da4e13fed5b9b000f7
GET /images/browser/11/unknown.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 437
last-modified: Wed, 30 Nov 2022 22:05:13 GMT
etag: "6387d399-1b5"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/04/f609025ec75b0905504a-360x180.jpg
198.54.120.243200 OK 12 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/04/f609025ec75b0905504a-360x180.jpg
IP 198.54.120.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 360x180, components 3\012- data
Hash ba31232d237dc9ab063aa16217bb73c1
9c78524e77d8aa8e5ea2684360d0be8a982f2d97
96322b047eff995f20d7c0b0e40c596905f50b85e9bf57690f8f3b34e9a23e61
GET /wp-content/uploads/2022/04/f609025ec75b0905504a-360x180.jpg HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/jpeg
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 12370
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/os/11/mac.png
139.99.46.91200 OK 411 B URL HTTP/2 cdn.livetrafficfeed.com/images/os/11/mac.png
IP 139.99.46.91:0
File type PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f727b00bebbab3a289ab75c6f89ee98
eb7ed8e43c4655e9602667f6879e390f3240b441
197244c67bceda226eee914af9214017dbdfe852a81c702ad3d6787929973dc1
GET /images/os/11/mac.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 411
last-modified: Wed, 30 Nov 2022 22:05:07 GMT
etag: "6387d393-19b"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/flags/16/de.png
139.99.46.91200 OK 137 B URL HTTP/2 cdn.livetrafficfeed.com/images/flags/16/de.png
IP 139.99.46.91:0
File type PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash dfde7c757b8633c7d9d8eabdb4f16156
ee44ea9b91c5e48ad331473a21236139bf44dce9
05e07f1a50324b244380e6fa3eede4cc533bcf66aa7495c78f671c4f32d8807d
GET /images/flags/16/de.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 137
last-modified: Wed, 30 Nov 2022 22:05:08 GMT
etag: "6387d394-89"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.livetrafficfeed.com/images/flags/16/nz.png
139.99.46.91200 OK 468 B URL HTTP/2 cdn.livetrafficfeed.com/images/flags/16/nz.png
IP 139.99.46.91:0
File type PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 32c4b95634eb33526d6b114252557a78
81d82212f09b70316527eaf37615e936849abcbd
4ce41416865f7d99b38e836dd416dcfaaba67a837438d6164bb81065f09977e6
GET /images/flags/16/nz.png HTTP/1.1
Host: cdn.livetrafficfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:39:55 GMT
content-type: image/png
content-length: 468
last-modified: Wed, 30 Nov 2022 22:05:08 GMT
etag: "6387d394-1d4"
server: Nginx
expires: Sat, 31 Dec 2022 05:39:55 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/07/Screenshot_9-360x180.png
198.54.120.243200 OK 90 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/07/Screenshot_9-360x180.png
IP 198.54.120.243:0
File type PNG image data, 360 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 3839c2be1009b159a480f72b735bde8b
5cbc9df9c09228cf7ca0294da496a85a001b442b
970df0207f7d9162dc9f9fa15b513be8a6f701af4fd21c0f3bafc529be486815
GET /wp-content/uploads/2022/07/Screenshot_9-360x180.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/png
last-modified: Sat, 02 Jul 2022 07:02:57 GMT
accept-ranges: bytes
content-length: 90505
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/10/Auto-VLTKM-Pro-GUI-348x250.png
198.54.120.243200 OK 17 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/10/Auto-VLTKM-Pro-GUI-348x250.png
IP 198.54.120.243:0
File type PNG image data, 348 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 18272e35110c2f59cf9b490e1e25eebe
96e20a5831e1b21181a783e04244310b5edc3aa3
bb14862cca0d17b6e1ef42d47c24a4275086f62db2a64d2d08efd31991bea5ac
GET /wp-content/uploads/2022/10/Auto-VLTKM-Pro-GUI-348x250.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 00:37:12 GMT
accept-ranges: bytes
content-length: 16626
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/07/ee-360x180.jpg
198.54.120.243200 OK 24 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/07/ee-360x180.jpg
IP 198.54.120.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:02:19 22:49:35], baseline, precision 8, 360x180, components 3\012- data
Hash 74fb67ea96c7ceae18ec681ced57305e
e8252a0292708e2e3bceb3c52456b3d28aac0835
2af0f051e237cc0209f4f149b225696015e11db7098671a886fc80dee3927921
GET /wp-content/uploads/2022/07/ee-360x180.jpg HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/jpeg
last-modified: Sat, 23 Jul 2022 11:33:34 GMT
accept-ranges: bytes
content-length: 23729
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 314f2745d452b813ee6230cae1fdf708
bc4ff881f716f1a51365192a55246efaa6992ca8
dddbd851169338d5ade97982886d8f93b7a52cd724efbad0435ac07f87974b3d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 06:03:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 17:29:18 GMT
Expires: Tue, 06 Dec 2022 17:29:17 GMT
Etag: "bc4ff881f716f1a51365192a55246efaa6992ca8"
Cache-Control: max-age=472543,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77299ecc2d26b4ee-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6148798312268740
142.250.74.34200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6148798312268740
IP 142.250.74.34:0
File type ASCII text, with very long lines (4885)
Hash e1c37b0126866ba55996e73b6f4f8d90
334e8bd4650a7311c47c09ada71cc34639b52ea4
38b47455a87df4ff8f6797335592e83ab72636333e8b0ca7dfe19a783a074145
GET /pagead/js/adsbygoogle.js?client=ca-pub-6148798312268740 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doremom.com
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Dec 2022 06:03:33 GMT
expires: Thu, 01 Dec 2022 06:03:33 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5125458921667389811
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
216.58.211.2200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 01 Dec 2022 05:11:33 GMT
expires: Thu, 15 Dec 2022 05:11:33 GMT
cache-control: public, max-age=1209600
age: 3120
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/11/Fed-350x250.jpg
198.54.120.243200 OK 17 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/11/Fed-350x250.jpg
IP 198.54.120.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x250, components 3\012- data
Hash 34c2c3d032c06dcddaee48ccb19c9ef0
29f3dc9223edac910d3a496e936dea98fee0acd5
2c5e20504475438b278f907839aabda7ac0587757a766f0a823a91e5a6e08cd7
GET /wp-content/uploads/2022/11/Fed-350x250.jpg HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:32 GMT
content-type: image/jpeg
last-modified: Thu, 24 Nov 2022 08:19:22 GMT
accept-ranges: bytes
content-length: 16923
date: Thu, 01 Dec 2022 06:03:32 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=doremom.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=doremom.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=doremom.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 06:03:33 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=doremom.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=doremom.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=doremom.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 06:03:33 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 06:03:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d9c3d3e8a0ee0f630ec32c2b40c31183
35d6fe235fa173d759a6691d5ffc25b6863eadba
b3391090c0acc0b439c2a4ff66e9867d6030c7fc0cb3720f7ea2f40218a4e8d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 06:03:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 23:33:39 GMT
Expires: Wed, 07 Dec 2022 23:33:38 GMT
Etag: "35d6fe235fa173d759a6691d5ffc25b6863eadba"
Cache-Control: max-age=580804,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77299ecebf6db4ee-OSL
doremom.com/wp-content/uploads/2021/08/cropped-Untitled-32x32.png
198.54.120.243200 OK 951 B URL HTTP/2 doremom.com/wp-content/uploads/2021/08/cropped-Untitled-32x32.png
IP 198.54.120.243:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash bd987f53464777b2ec066df42effcf53
2d34f6cee2649d752b6ec404e02bf34decd0e952
b981bc9e4afce6b3f068e246c86c93f4e1d2a7697c85874c744d590dd51c47dc
GET /wp-content/uploads/2021/08/cropped-Untitled-32x32.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Cookie: LTFSESSID=0q1eqv884j3capkivh2qoaank2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:33 GMT
content-type: image/png
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 951
date: Thu, 01 Dec 2022 06:03:33 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2021/08/cropped-Untitled-192x192.png
198.54.120.243200 OK 12 kB URL HTTP/2 doremom.com/wp-content/uploads/2021/08/cropped-Untitled-192x192.png
IP 198.54.120.243:0
File type PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced\012- data
Hash fce4d67c190203fb0b1fdb6fccdeef1d
e2089349e2473c2582702d63c2bf549861563253
a8f189da55ca41ec1bfe404c150c0b5ddf1d29735ec6900027bb517c97437f84
GET /wp-content/uploads/2021/08/cropped-Untitled-192x192.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Cookie: LTFSESSID=0q1eqv884j3capkivh2qoaank2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:33 GMT
content-type: image/png
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 11699
date: Thu, 01 Dec 2022 06:03:33 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2022/11/Screenshot_2.png
198.54.120.243200 OK 610 kB URL HTTP/2 doremom.com/wp-content/uploads/2022/11/Screenshot_2.png
IP 198.54.120.243:0
File type PNG image data, 722 x 521, 8-bit/color RGBA, non-interlaced\012- data
Size 610 kB (609993 bytes)
Hash 72e0f06d2e280da3b18898d3d2a4d393
8e073e80aaf29547f5390991ecc2690f19d2a11b
c4eb80edbe1888d17f203fdaf7fcea48a82ab3d8061aba772fc7237a794ff1dc
GET /wp-content/uploads/2022/11/Screenshot_2.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:30 GMT
content-type: image/png
last-modified: Wed, 23 Nov 2022 04:14:57 GMT
accept-ranges: bytes
content-length: 609993
date: Thu, 01 Dec 2022 06:03:30 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.36.173200 OK 6.7 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 06:03:34 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 52683
expires: Sun, 04 Dec 2022 06:03:34 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 77299ed34da41c16-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools&t=A%20place%20to%20share%20all%20tools%20-%20Doremom&cu=https%3A%2F%2Fdoremom.com%2F
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools&t=A%20place%20to%20share%20all%20tools%20-%20Doremom&cu=https%3A%2F%2Fdoremom.com%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools&t=A%20place%20to%20share%20all%20tools%20-%20Doremom&cu=https%3A%2F%2Fdoremom.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 06:03:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools&t=A%20place%20to%20share%20all%20tools%20-%20Doremom
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools&t=A%20place%20to%20share%20all%20tools%20-%20Doremom
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools&t=A%20place%20to%20share%20all%20tools%20-%20Doremom HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 06:03:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!7s2en9vm1u&dn=TC&cc=1&r=
67.202.105.32200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!7s2en9vm1u&dn=TC&cc=1&r=
IP 67.202.105.32:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!7s2en9vm1u&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 02 Dec 2022 06:03:35 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 01 Dec 2022 06:03:34 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 06:03:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0&ct=A%20place%20to%20share%20all%20tools HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 06:03:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 06:03:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!7s2en9vm1u&lm=0&ts=1669874612919&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 06:03:36 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
doremom.com/wp-content/uploads/2021/08/BlockNewsAfrica-720x90@6x.png
198.54.120.243200 OK 0 B URL HTTP/2 doremom.com/wp-content/uploads/2021/08/BlockNewsAfrica-720x90@6x.png
IP 198.54.120.243:0
GET /wp-content/uploads/2021/08/BlockNewsAfrica-720x90@6x.png HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:31 GMT
content-type: image/png
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-length: 743961
date: Thu, 01 Dec 2022 06:03:31 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=7s2en9vm1u&t=A%20place%20to%20share%20all%20tools%20-%20Doremom&c=t&x=https%3A%2F%2Fdoremom.com%2F&y=&a=0&d=3.203&v=27&r=4654
104.22.74.171200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=7s2en9vm1u&t=A%20place%20to%20share%20all%20tools%20-%20Doremom&c=t&x=https%3A%2F%2Fdoremom.com%2F&y=&a=0&d=3.203&v=27&r=4654
IP 104.22.74.171:0
GET /pingjs/?k=7s2en9vm1u&t=A%20place%20to%20share%20all%20tools%20-%20Doremom&c=t&x=https%3A%2F%2Fdoremom.com%2F&y=&a=0&d=3.203&v=27&r=4654 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 06:03:33 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77299ecc8d2f1665-ARN
X-Firefox-Spdy: h2
waust.at/t.js
104.26.4.7200 OK 0 B IP 104.26.4.7:0
GET /t.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 06:03:30 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Nov 2022 16:55:13 GMT
etag: W/"63863971-728a"
expires: Fri, 02 Dec 2022 06:03:29 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip95XZ%2BCJ88gJmG2NvpBLrwLO4F1HIh036AnJr38cZ00QEsz%2Fd83QFZTDcZLC%2FRc7ecObXu%2BZh0RJqPcoKiXaZ%2FA9yBeCpt3Z3RfpX%2FHyWmQBob%2FbPGZp%2BKt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77299eb62bbfb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
doremom.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0
198.54.120.243200 OK 0 B URL HTTP/2 doremom.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0
IP 198.54.120.243:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/dist/frontend.min.js?ver=1.0.0 HTTP/1.1
Host: doremom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doremom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 06:03:29 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 04:24:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 82700
date: Thu, 01 Dec 2022 06:03:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2