firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 13:39:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e22LsYisAWe9cy_u7FD8WUEYLc8D7314j3Jf1w39GrWilhMPmvaGGA==
Age: 526
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16328
Expires: Mon, 05 Sep 2022 18:20:04 GMT
Date: Mon, 05 Sep 2022 13:47:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HBk5JIBrBBJwNdOvI_9gEwjoYGXh8-1TOyKhBGCkFYDCtzeiyppIeA==
age: 45159
X-Firefox-Spdy: h2
legnoegiardino.com/net/johter/SBROCKER/login.php
81.31.147.20 301 Moved Permanently 0 B URL HTTP/1.1 legnoegiardino.com/net/johter/SBROCKER/login.php
IP 81.31.147.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Orange
fortinet Phishing
GET /net/johter/SBROCKER/login.php HTTP/1.1
Host: legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Powered-By: PHP/5.5.38
X-Pingback: http://www.legnoegiardino.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Upgrade: h2,h2c
Location: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Vary: User-Agent
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 13:47:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.legnoegiardino.com/net/johter/SBROCKER/login.php
81.31.147.20 404 Not Found 3.8 kB URL HTTP/1.1 www.legnoegiardino.com/net/johter/SBROCKER/login.php
IP 81.31.147.20:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (787), with CRLF, LF line terminators
Hash 523175a81f596e7c196b91df3c09dc01
f58bcf328b8be7881c08071449d62f2e45250e6d
c892b35cc68a6714456648c5bde36846f7625f27fa6a4baf1d60972f8b2742bd
Analyzer Verdict Alert fortinet Phishing
GET /net/johter/SBROCKER/login.php HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 3803
X-Powered-By: PHP/5.5.38
X-Pingback: http://www.legnoegiardino.com/xmlrpc.php
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6; path=/
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800&subset=latin,latin-ext
142.250.74.10 200 OK 970 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 482e051f3c18290f5ce254faddf7a822
89b4f35274857c5787fdbbc02fc0fc9c25a13f00
d3349fe3b56a063782cfbe3ab92fc32720e33c9933cd06612159497f4157a3a8
GET /css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Sep 2022 13:47:57 GMT
Date: Mon, 05 Sep 2022 13:47:57 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
142.250.74.10 200 OK 1.1 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 7d5978eb65ebf46f535000aeb7b83d11
d64c84281e4ca0605a4f4cc201edd15c2328a7f7
fffe03db40fdc7db46668277add134eb4886f80caa9faf08b9ca8360908e3ebd
GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Sep 2022 13:47:57 GMT
Date: Mon, 05 Sep 2022 13:47:57 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.legnoegiardino.com/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0
81.31.147.20 200 OK 826 B URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0
IP 81.31.147.20:0
File type ASCII text, with CRLF line terminators
Hash 931948877e3fd04d2ad7fe9578b6a621
1ce1d29f632f80c424914b69c2dd654dded26ce7
d5c18f2b3721840b579d47eeff3e3062087ed2feaa1ecee070fbd1c9d62b1d3a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: text/css
Content-Length: 826
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "fca-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css?ver=3.0
81.31.147.20 200 OK 5.8 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css?ver=3.0
IP 81.31.147.20:0
File type ASCII text, with very long lines (859), with CRLF line terminators
Hash c3005f21c04507adbea65a5e9ea35b68
afee56253e8cb3a4b86e85ac429b17955cea3bd4
f56479ad6fa55562344f46563c39a0a3ffe39921e62d7ca7a959f24a4dea5c82
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css?ver=3.0 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: text/css
Content-Length: 5774
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "8d9d-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
81.31.147.20 200 OK 3.1 kB URL HTTP/1.1 www.legnoegiardino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
IP 81.31.147.20:0
File type ASCII text, with very long lines (7085), with CRLF line terminators
Hash be877782551a115e6da253d62cc3a6b2
b06a56238dcc28a6343c66d41aab3ad12a9c4f08
aba99fe4bef6b2ef9f9f0824e9dbdf7dede23e22a98b2305820c1f25a37e7380
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 3068
Upgrade: h2,h2c
Last-Modified: Thu, 19 Feb 2015 01:41:35 GMT
ETag: "1c20-50f67094331c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/plugins/eu-cookie-law/css/style.css?ver=4.1.36
81.31.147.20 200 OK 952 B URL HTTP/1.1 www.legnoegiardino.com/wp-content/plugins/eu-cookie-law/css/style.css?ver=4.1.36
IP 81.31.147.20:0
Hash f1ab99d073f0438829ab19edab07424c
9a0fd9ba493515d71974dd4819861d2643e93221
91fe4150104c51834d1d07cd791a86b6e46ed8ef36672297ebea6e856dc7a7fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/eu-cookie-law/css/style.css?ver=4.1.36 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: text/css
Content-Length: 952
Upgrade: h2,h2c
Last-Modified: Thu, 25 Jun 2015 12:49:37 GMT
ETag: "c5a-519570e573a40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 13:38:16 GMT
Expires: Mon, 05 Sep 2022 14:21:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vx6QawIWE7uM0NKwn5F0ChtNlw7LEfHQlVPUkwMkwmdTK3HAuXy52A==
Age: 581
www.legnoegiardino.com/wp-content/themes/Divi/js/waypoints.min.js?ver=2.3.1
81.31.147.20 200 OK 2.6 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/js/waypoints.min.js?ver=2.3.1
IP 81.31.147.20:0
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash b1b103d56189b14bacb6e7b2066910c3
8e47ea5795388e5582720292d3df22dad82de60c
fea8c29afb9ea78e398983e14587df33a8f1a7ba2fbd7f899d39f3e8162bbd23
GET /wp-content/themes/Divi/js/waypoints.min.js?ver=2.3.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 2625
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "1f73-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/themes/Divi/js/jquery.fitvids.js?ver=2.3.1
81.31.147.20 200 OK 1.2 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/js/jquery.fitvids.js?ver=2.3.1
IP 81.31.147.20:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 2053f2efb5ab4fa32af3a920479b93a0
afc8fba88296776325e2a297e61cfb8293b6d1e2
b32446cd83eaa246d0cd6ddb9d1648b7e6279bb9832b7dc508d9e20f611a4c8f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/jquery.fitvids.js?ver=2.3.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 1191
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "b7f-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/themes/Divi/style.css?ver=2.3.1
81.31.147.20 200 OK 37 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/style.css?ver=2.3.1
IP 81.31.147.20:0
File type ASCII text, with very long lines (1042), with CRLF line terminators
Hash d6149d185f3e073ace59a16fb45a8641
85ea1b6f05fd23a5e7a8ddfb20c16707961abced
83bfc6a084b040f231f5efa7e36a76591753365020c2af84ab44a4fb7e02e8b3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/style.css?ver=2.3.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: text/css
Content-Length: 37167
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "49f1f-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=2.3.1
81.31.147.20 200 OK 14 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=2.3.1
IP 81.31.147.20:0
File type ASCII text, with CRLF line terminators
Hash adf4f1f3fc29582710cfc790457b1460
f348479f94e4c970062f2792725b2bdc5b562852
79b2c124d47060243a9f6a96be33b80cd800821f054f1800317bc05f297c1890
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=2.3.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 13846
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "ba66-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=4.1.36
81.31.147.20 200 OK 587 B URL HTTP/1.1 www.legnoegiardino.com/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=4.1.36
IP 81.31.147.20:0
File type ASCII text, with CRLF line terminators
Hash efaf0fbe36adc4222c4d465ab56b3d86
c59318a5cd957fcb02402e3d14aaac86c5a3acc5
d2500f1bed3c262822f4cde3b82d3ada2ab07209b39bf72688c7edbb841acc7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/eu-cookie-law/js/scripts.js?ver=4.1.36 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 587
Upgrade: h2,h2c
Last-Modified: Thu, 25 Jun 2015 12:49:37 GMT
ETag: "5bd-519570e573a40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/themes/Divi/js/smoothscroll.js?ver=2.3.1
81.31.147.20 200 OK 4.4 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/js/smoothscroll.js?ver=2.3.1
IP 81.31.147.20:0
File type ASCII text, with CRLF line terminators
Hash 9640901a320d2126aab0ac41f57ba181
e72db511f896c465a705ab8ce3f144428b7ea87d
ce73d0bb430b3d9fd67e84c2403ef03e2eec79b6361884bb92c9460799cd60b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/smoothscroll.js?ver=2.3.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 4407
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "3888-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
81.31.147.20 200 OK 33 kB URL HTTP/1.1 www.legnoegiardino.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
IP 81.31.147.20:0
File type ASCII text, with very long lines (32086)
Hash 2c7a4be98841b87655ea1a878ebd973a
85bda3edd0b5e85cb3c299b3ffddb75c0481b450
e35fb7237e4023807528e7a4661b604df88fd3b5d8941bcd82e0abfb6d751491
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.11.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 33231
Upgrade: h2,h2c
Last-Modified: Wed, 24 Dec 2014 09:27:16 GMT
ETag: "1763f-50af2e5b8a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/themes/Divi/js/custom.js?ver=2.3.1
81.31.147.20 200 OK 18 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/themes/Divi/js/custom.js?ver=2.3.1
IP 81.31.147.20:0
File type HTML document, ASCII text, with CRLF line terminators
Hash d1feccfa6da1c79292ef830842cdcd1e
727bf90cb14ffd78640b7a93de45463e1fb1658d
c8b7bf8d803bbf2ba69b00aec3afc3a03df7ce34a2bfdacf7a09e8981a690665
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/custom.js?ver=2.3.1 HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: application/javascript
Content-Length: 17828
Upgrade: h2,h2c
Last-Modified: Wed, 18 Mar 2015 15:38:26 GMT
ETag: "18a91-51191dfc96080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
www.legnoegiardino.com/wp-content/uploads/2014/12/legno_giardino.png
81.31.147.20 200 OK 14 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/uploads/2014/12/legno_giardino.png
IP 81.31.147.20:0
File type PNG image data, 380 x 100, 8-bit/color RGBA, non-interlaced; data
Hash e1b565000656c2066c73a74458af2738
95457fefd7d03549d35a3fdfbde1ca798caeb1d3
c58e7cfa8f1175cb5ee51f3c91326c3facd9f9ffce5b938fea0057081d794b90
GET /wp-content/uploads/2014/12/legno_giardino.png HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: image/png
Content-Length: 13574
Upgrade: h2,h2c
Last-Modified: Wed, 24 Dec 2014 09:23:33 GMT
ETag: "3506-50af2d86def40"
Accept-Ranges: bytes
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0; data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.legnoegiardino.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 29 Aug 2022 21:39:19 GMT
Expires: Tue, 29 Aug 2023 21:39:19 GMT
Cache-Control: public, max-age=31536000
Age: 576518
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
www.legnoegiardino.com/favicon.ico
81.31.147.20 200 OK 0 B URL HTTP/1.1 www.legnoegiardino.com/favicon.ico
IP 81.31.147.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 0
X-Powered-By: PHP/5.5.38
Upgrade: h2,h2c
Vary: User-Agent
push.services.mozilla.com/
52.89.17.198 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.17.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C1ZvV2MLlhPmU4TC8tGjbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CJfEPQHvU++2DbtSuJnM7//c5DM=
www.legnoegiardino.com/wp-content/uploads/2014/12/purty_wood1.png
81.31.147.20 200 OK 222 kB URL HTTP/1.1 www.legnoegiardino.com/wp-content/uploads/2014/12/purty_wood1.png
IP 81.31.147.20:0
File type PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced; data
Size 222 kB (222357 bytes)
Hash 350ab53795a00ea2d099a5545c0fb43a
b082fceeeb611125c197ba410ef9d27c3551c685
3156d17a0579de63c207665d75b090193d00644bb4c8eaeb7c89c5ab448c4d5e
GET /wp-content/uploads/2014/12/purty_wood1.png HTTP/1.1
Host: www.legnoegiardino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.legnoegiardino.com/net/johter/SBROCKER/login.php
Cookie: PHPSESSID=eoii6cded8v5hb7iqprh2el5r6
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 13:47:57 GMT
Content-Type: image/png
Content-Length: 222357
Upgrade: h2,h2c
Last-Modified: Wed, 24 Dec 2014 10:13:18 GMT
ETag: "36495-50af38a596b80"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15927
Expires: Mon, 05 Sep 2022 18:13:26 GMT
Date: Mon, 05 Sep 2022 13:47:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15927
Expires: Mon, 05 Sep 2022 18:13:26 GMT
Date: Mon, 05 Sep 2022 13:47:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15927
Expires: Mon, 05 Sep 2022 18:13:26 GMT
Date: Mon, 05 Sep 2022 13:47:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15927
Expires: Mon, 05 Sep 2022 18:13:26 GMT
Date: Mon, 05 Sep 2022 13:47:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15927
Expires: Mon, 05 Sep 2022 18:13:26 GMT
Date: Mon, 05 Sep 2022 13:47:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 57188
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f567821-8e06-4951-99ce-e4f161bb68b8.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f567821-8e06-4951-99ce-e4f161bb68b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af2dba4695867af2da0b689832f99393
b33bef0200ea8f8a64df0fdd28e648f36ed177d1
eecc3b2002b85f2f742f97b6fa4a2686c5e22fac3e73f4469357e0cfb554649e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f567821-8e06-4951-99ce-e4f161bb68b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11529
x-amzn-requestid: 5a708c64-a562-4082-bdb0-54a7e7ca4c96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqfLDEa3IAMFg7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630dabe0-50c8bda630d48d5866416a55;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 06:19:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wLCyRpkbM9GuCD0b68O8ttgaDNma8Dc18GetEWkNqo6bQJkuE44gKw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:46:14 GMT
age: 36105
etag: "b33bef0200ea8f8a64df0fdd28e648f36ed177d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f31081f-706c-4ba5-8026-d80f418f0e9a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f31081f-706c-4ba5-8026-d80f418f0e9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d1d7d95258e80e549a36826ffd55d8b
2f3d6053c4014cbdabf2187474997eb2156f168a
7a8c4fa0f58191a0830de1921a128d1a49b9627f5e87bb153645b7687b3f8f5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f31081f-706c-4ba5-8026-d80f418f0e9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11538
x-amzn-requestid: d429060b-9a2e-4bdc-8fd8-ade90fa26566
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2EwCIAMFnAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-6733538a2958d9581b1d51e6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: up3TApAXcKRFo1QkxPJv97sP83ctt0T7teydhU18gX-ZS8CtJk4SOQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:48:17 GMT
age: 57582
etag: "2f3d6053c4014cbdabf2187474997eb2156f168a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7877df05329f39350f4907a067f5840e
21f33eca6863c382c216c16799d1bea83e40fbd9
94b943383bbd05d11ac0f9c3672e315c9cfaa5cb2299c3779195f08491969fa8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4260
x-amzn-requestid: 024510ab-0cb7-421e-805b-fa54501d1e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpjFQGPVIAMFytQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d4bbb-4492cd20474c37337f8a5521;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 23:28:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Wk8myA4exuK32he7TlFoJtvtqHb0WcDhvSuo6-aN0dMcxIr7cDkU5Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:48:24 GMT
age: 57575
etag: "21f33eca6863c382c216c16799d1bea83e40fbd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 57508
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YqgTII0TYwznz5DfHLFpfzTPh08akwJSWc3wIf-YpBgUrs84AYM2Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:15:00 GMT
age: 55979
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2