roanoke.family/wp-content/online/tracking-package/verification
151.101.130.159 301 Moved Permanently 162 B URL HTTP/1.1 roanoke.family/wp-content/online/tracking-package/verification
IP 151.101.130.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /wp-content/online/tracking-package/verification HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://roanoke.family/wp-content/online/tracking-package/verification
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: ug6mlb3sfo
X-Hits: 3
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Thu, 05 Jan 2023 01:37:14 GMT
X-Served-By: cache-bma1661-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 0
X-Timer: S1672882635.651506,VS0,VE121
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12032
Expires: Thu, 05 Jan 2023 04:57:46 GMT
Date: Thu, 05 Jan 2023 01:37:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17886
Expires: Thu, 05 Jan 2023 06:35:20 GMT
Date: Thu, 05 Jan 2023 01:37:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 01:36:25 GMT
content-type: application/json
age: 49
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14573
Expires: Thu, 05 Jan 2023 05:40:07 GMT
Date: Thu, 05 Jan 2023 01:37:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: E9/r0ay0UzeV5kai1RucNv/StLeXi0GNGcsdrsV2xnAtG1b3SnIWoDcV2CnNYBlolvLk4JopkGY=
x-amz-request-id: H1PQ0H51JMBA6XWY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 00:59:20 GMT
age: 2274
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 01:37:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification
151.101.130.159 301 Moved Permanently 162 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification
IP 151.101.130.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /wp-content/online/tracking-package/verification HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html
location: http://roanoke.family/wp-content/online/tracking-package/verification/
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
x-hits: 12
x-fw-version: 5.0.0
server: Flywheel/5.1.0
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:15 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882635.971259,VS0,VE357
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 162
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/
151.101.130.159 301 Moved Permanently 162 B URL HTTP/1.1 roanoke.family/wp-content/online/tracking-package/verification/
IP 151.101.130.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /wp-content/online/tracking-package/verification/ HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://roanoke.family/wp-content/online/tracking-package/verification/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: ug6mlb3sfo
X-Hits: 14
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Thu, 05 Jan 2023 01:37:15 GMT
X-Served-By: cache-bma1661-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 0
X-Timer: S1672882635.358032,VS0,VE120
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 01:08:11 GMT
age: 1744
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5007
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 01:37:15 GMT
Last-Modified: Thu, 05 Jan 2023 00:13:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.51.98 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wItH4w/odAVSp65kZH6tZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5brmyQgr/dnKHbUZaXn1YuPAbYY=
roanoke.family/wp-content/online/tracking-package/verification/files/free_boxes.svg
151.101.130.159 200 OK 645 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/free_boxes.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4b590639f2b5f11aa4852b91436ed568
1849a7e36ca012c77dfe8833383bbceef22396a5
d400c9cfdf6690aeefeeec3ef502768062692288bcb25f1ad9698febde370257
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/free_boxes.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-42a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 23
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405663,VS0,VE120
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 645
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/search-fe.js
151.101.130.159 200 OK 942 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/search-fe.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (2235), with no line terminators
Hash 5b5c5acb99c8df2c66611898905957c9
644d0e0b0395ca6ade7fcce51450bb557471955f
c2285d3ef33628aa4c0ef57bd6fc4565e27a007cd0414a80fe962d4dc920b61e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/search-fe.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-8bb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.392914,VS0,VE357
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 942
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/schedule-redelivery.css
151.101.130.159 200 OK 5.4 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/schedule-redelivery.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (23038), with no line terminators
Hash 3f169d8e4af6b4b985963c63f6ef5c56
4b0eb4d883518d6b6417f89d0eb6b4aa1750c66b
8a3a2e418fa44202c28438c58d2859a645372fbf455880c282333e3cb9e981ab
GET /wp-content/online/tracking-package/verification/files/schedule-redelivery.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-59fe"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.392996,VS0,VE356
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5353
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/helpers.js
151.101.130.159 200 OK 365 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/helpers.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (695), with no line terminators
Hash bf3346a957e3fdcdcd5d33700d988a99
2ae6cfb339cb269fe2aeea51a5c5051af3674dc9
f0f72877d4bb7ef6b78119019dd0b4a9e02cc87b788a216d700c827ea4fae1f0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/helpers.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-2b7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.392934,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 365
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-v2.css
151.101.130.159 200 OK 8.1 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-v2.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (44725), with no line terminators
Hash d9c25f81d451e1133bfdd3d4a7cad3a2
7aa4df479d718f1ad2f15a92850a70e7e76cd5cc
619b3d6ebc31379b8346457aeed773506c1e78a840e99643fee1bfb1eb98a118
GET /wp-content/online/tracking-package/verification/files/megamenu-v2.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-aeb5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.393263,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8054
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/logo_mobile.svg
151.101.130.159 200 OK 940 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/logo_mobile.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash db1f5951bab19af90e0c3b4598924d6b
eb3611a4363f7a5fb1e3e8360c0f6a369833ab2b
ac3f573fc79c3afe9c3be92576b79e2617db71f3a0015482df85674c3077d62c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/logo_mobile.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-80c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 20
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397681,VS0,VE357
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 940
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/change_address.svg
151.101.130.159 200 OK 964 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/change_address.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 690f75e8d8287f3fe4f420ff22b7c886
c321ed44fc4162342909bf8461f9d37dd1f78a1d
a491e4014133e80e4cde025542001eb55341d458122160b9c92b5b1f637030a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/change_address.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-74d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 23
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.400847,VS0,VE354
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 964
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/calculate_price.svg
151.101.130.159 200 OK 794 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/calculate_price.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b50c520579c7da47e93133130832969a
77ee38a54df08235056283811ade9b174c9388bd
ec919b4a8e25619bd30ea7b40ea97c8974fddb01ba7fcf565fa3a0a31a2aa80b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/calculate_price.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-8fe"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 23
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.398976,VS0,VE357
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 794
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/featured_clicknship.svg
151.101.130.159 200 OK 510 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/featured_clicknship.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash 2a6d7052cae9f8c496410af5cd93bf44
2ab128f60e0e8a9a9d8ffd049fddb7267f5d4b24
fcd7ccf3e38eef1bdfc2e5fd9361b6c27f6b20f0c63b5f2e6ff2728cf7b47aaa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/featured_clicknship.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-436"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 23
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405649,VS0,VE355
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 510
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/po_box.svg
151.101.130.159 200 OK 866 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/po_box.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c6628aeaf1736307d2927cd4c16f4f68
b0cec0b14f7d42590a6f23289c5643391182fe75
f003fa28cd3dc97bbbbbcce4e2cd7c8a8c1eb58e68e5067d7a8203e3ecf21ad4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/po_box.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-667"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 24
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405678,VS0,VE356
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 866
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-additions.js
151.101.130.159 200 OK 538 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-additions.js
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash c584b00e6415948c28ecdfa82440a299
e1f4e004392776a0e500b911d70ebb566e1a67a9
4a0d61f27ceeaa026b82c5a65b471577422bc57502f17b75f8aedc7e3ed9bdd8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/megamenu-additions.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-541"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.410309,VS0,VE354
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 538
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/require.js
151.101.130.159 200 OK 7.0 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/require.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (17192)
Hash e52a7787d2ae61e80529c1b2a66fa23c
42c7efd913d1b148ac9a5019548b1869eae7647c
4c3a3d7cb85769284a5e843ac6377589b69a97acb66f061ebd37eeef9af6e4da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/require.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-440f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.409976,VS0,VE355
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6993
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/ge-login.js
151.101.130.159 200 OK 2.8 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/ge-login.js
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 57815362c216f8269c6a918f99af4e6b
a8ea9af6353c1c8a47f18f92848aab83a6b7ac85
9812bd05eb765e0155f2b24f4d23d82a41ce46512fe94e0a8c3767233b0b313a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/ge-login.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-245d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.408330,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2808
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/footer-sb.css
151.101.130.159 200 OK 991 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/footer-sb.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (3179), with CRLF line terminators
Hash de2cbf5b92b01576936940be7bb25771
6b8be7df55de944c4ff722d1cb5090fa4ef3facc
f7b562cfd0bb2c21ce028d3b9b00cb2c12fc9bbd49f8f4d4bb342eef586bd586
GET /wp-content/online/tracking-package/verification/files/footer-sb.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-c6d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.423210,VS0,VE355
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 991
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/main.css
151.101.130.159 200 OK 16 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/main.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (49380), with CRLF line terminators
Hash 73f000a5ea830ec6f52571c7131cc106
0a94f3e7c3e2f2fb3d8fae4c63cf0c6aa771ae4f
dbad9cc586d222d3c5ad294974c2db53a58b0b57ea58639fbf91dc2f756b9e8e
GET /wp-content/online/tracking-package/verification/files/main.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-1370f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.387874,VS0,VE356
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 15535
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/datepicker3.css
151.101.130.159 200 OK 2.8 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/datepicker3.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (20872)
Hash 1b476b870779303de9f574c2d5088371
7600256407cbf9e25fc8f598db8576aae0851d89
43f96d265b84df608d738c03d0fe67714c0a10a0b12101581ab374afaa290a3f
GET /wp-content/online/tracking-package/verification/files/datepicker3.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-527d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.386202,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2795
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/calendar.css
151.101.130.159 200 OK 2.9 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/calendar.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (14589), with no line terminators
Hash b3294a2113dd74c19c0ad47f704fae52
bba857e951c1668cd1a90ad00a1ca56cf714a8d3
3897395d502af76979054b47e5bb4bd2f89cab600e83bdcb6959f5c6e058841b
GET /wp-content/online/tracking-package/verification/files/calendar.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-38fd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.385831,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2949
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/metrics-all.js
151.101.130.159 200 OK 3.5 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/metrics-all.js
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash b645193da54efdf41d48fd9a624e6ec1
748b3d8c5acf6909b24e53cf32d5bfddd88055a3
f5b048775c4a4ce47b06ec115fce2ca31faba80cc1873aad4538f6205cb344a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/metrics-all.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-2bde"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.385680,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3512
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/resize-manager.js
151.101.130.159 200 OK 471 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/resize-manager.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (1040), with no line terminators
Hash 5135a795574834359cba9b286cf65884
f0a7d0038b95d22297eb2c5b461619824512ab55
e0b5f567d4b15ce05c83a66cfa602c110b60f8da8a9fdb225a9ad1ddd4e50c23
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/resize-manager.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-410"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 26
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.392855,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 471
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/footer.css
151.101.130.159 200 OK 1.0 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/footer.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (2933), with no line terminators
Hash 4987ad6f029588dcd3dcdff11a2400e9
185814a57c6aaa7d5575da5762925916a0553e78
3265e024ba44460038aba46c4ce8210c667faff5430f333a4280d286dca06b55
GET /wp-content/online/tracking-package/verification/files/footer.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-b75"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.385609,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1007
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/tracking-cross-sell.css
151.101.130.159 200 OK 1.1 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/tracking-cross-sell.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (3075), with no line terminators
Hash b9d4932aafefaeebdca1e23c81475f04
b32de813a09aa176c4fd615763a1b631e42641d8
dbfea5fcfeecdb0f4e54cbdf5fdeb3980855bea2deb4a29b386bb0de0fb70a36
GET /wp-content/online/tracking-package/verification/files/tracking-cross-sell.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-c03"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.388419,VS0,VE483
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1089
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/require-jquery.js
151.101.130.159 200 OK 92 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/require-jquery.js
IP 151.101.130.159:0
File type ASCII text, with no line terminators
Hash 6ce214c362fc1910a6ccda7dde4f1628
a3c400aa0daaa3a2f5b285feccb369e35b486a89
20c4e055502233d4088725a990c6d26894639753e810ae967bfa21915ea61be7
Analyzer Verdict Alert urlquery phishing Phishing - US Postal Service
fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/require-jquery.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-4a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 29
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.392979,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 92
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/jquery-ui.min.css
151.101.130.159 200 OK 8.6 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/jquery-ui.min.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (29153), with CRLF line terminators
Hash b4cacb55fac322bca964575d5cf794be
6b2568b3efb062267ecd56dd3a3efb24122f7c35
faa5c70a441d711b1ba100a1395faedeeced99fcc70131fd4b2b1d096b12d221
GET /wp-content/online/tracking-package/verification/files/jquery-ui.min.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-7d19"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.389078,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8625
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/qt.css
151.101.130.159 200 OK 11 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/qt.css
IP 151.101.130.159:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1599), with CRLF, LF line terminators
Hash 9d8c8cde4563e01e6fd297e952d82f9a
c9c2bc81fa4df9b78c404483f8d3a9688c71c564
21986b22ee707546d8ee630cb540cd9ec975a62be05b9e8f5b14b8edb09d534c
GET /wp-content/online/tracking-package/verification/files/qt.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-c800"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.392894,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 11115
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/search.svg
151.101.130.159 200 OK 809 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/search.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash c3e4ffec49b08e57a48333385016af37
535a910f9b8cbe3635233d7f5bb19c38fff3417f
25150b0ba6eafe9ff2e716e33940077d0ba3d321a5b946846dad35a296b2cb0f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/search.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-5b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 20
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397659,VS0,VE478
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 809
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/location.svg
151.101.130.159 200 OK 1.3 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/location.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 0ec80424f37c51acf8d9bbb5987dd4a1
92c33995ca55ad11afa4291b5383e9de2f01f8b6
a84d692026263e53f72a55ca582628003e16038a5532816a6f203bc787131506
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/location.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-a1a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 24
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397934,VS0,VE478
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 1253
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/holdmail.svg
151.101.130.159 200 OK 787 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/holdmail.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash f1bffa1cb635bdd96f3eee6e14ed1c6f
220a6fee3456cfd3b0caa1138c377b34d33d4879
57950a28a1bafff85bc9ee52dc648206d88e7606150a166fcc5adc0042d58a13
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/holdmail.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-5a8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 24
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.400185,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 787
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/stamps.svg
151.101.130.159 200 OK 560 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/stamps.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash b96eb54c79bd99185d18061dfa748322
918422d9611e81b8d8ac855fa3a39641eb850c55
6e8ed1ee4d0577fda20d0d54a37f9c9cd64cd377807f898c605eaff8604de6be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/stamps.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-44f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 24
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397905,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 560
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/schedule_pickup.svg
151.101.130.159 200 OK 934 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/schedule_pickup.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 875cf7ee19b3731598eb27b0d608a7a8
dc4357191da9de30aa9e3938ff661473cbf07008
ad140393889d04df7e07bb180821ee8b90c8438e485e8ef59558898c779298c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/schedule_pickup.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-6ef"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 23
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.398427,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 934
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/mailman.svg
151.101.130.159 200 OK 926 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/mailman.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 81d99dd9a4de476613f655e3bcf99316
b4a62298c50f7ff6f48fb9820d036180f5acff60
e2647c67544b6637773a309191a8eea79ff0ca3b82badaa3e2d65a0cb42ac698
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/mailman.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-723"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 24
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397588,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 926
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/tracking.svg
151.101.130.159 200 OK 859 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/tracking.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f4ac34ae9f7fa493d36efa0b6d5ee729
37a9f8269d086df01282fdaeb5884e61fef97279
05c2263e42955b78d8e736a0f355e8b6176f56d6c8f78bc8052ed32ae33b5358
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/tracking.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-619"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 23
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397641,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 859
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/hamburger.svg
151.101.130.159 200 OK 298 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/hamburger.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash cdcb52abaab22d9d05449a4c9a0adfff
5a61b117b4c0060785605c8c69de9394a76b67cf
45d0cc440dd60032c151d3a761f5d27b661c120047c51bde72662e850c821629
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/hamburger.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-222"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 20
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397708,VS0,VE483
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 298
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/logo-sb.svg
151.101.130.159 200 OK 1.7 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/logo-sb.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 765455d0ddd5bca4bad1b296c05ef22a
dbead3a9359b98884fad427002c2dbf6e267f997
f405fa5e2e194d3ca3cbeee48fcce11fe03aae4bf266a49fd9763660fa41ff2d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/logo-sb.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-de5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 25
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.397727,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 1652
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/find_zip.svg
151.101.130.159 200 OK 812 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/find_zip.svg
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash fa530b4e2bc6b2d6b2116106d1103e64
362f325fc413617401552c135c63804721653f16
f17034eaadd96d47f423eb3c8afc6302dc3a772c5e884ded9e247a4bbf3f430b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/find_zip.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-5bf"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 24
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.399655,VS0,VE483
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 812
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/go-now(1).png
151.101.130.159 200 OK 7.8 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/go-now(1).png
IP 151.101.130.159:0
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash e9638402468401ad60c29dc075cff952
887d89cd38fe14aeff6c7499b93fa45623e604ca
dfa4fa4c08d741744dbcc35e691adc8aed7d5d07476e9a768516949e28bc0a02
GET /wp-content/online/tracking-package/verification/files/go-now(1).png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-1f5a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 25
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405618,VS0,VE477
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7764
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/OneLinkUsps.js
151.101.130.159 200 OK 1.1 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/OneLinkUsps.js
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 2706afb121f022d5b17d593214a3e325
0f7229f2b51333aee4c10a569440e20da8a8d528
a2b53b3026e007ca7e358c173c99613cdb8a31def199ce5c67bf81d6d32a33fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/OneLinkUsps.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-e37"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.407871,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1115
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/header-init-search.js
151.101.130.159 200 OK 345 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/header-init-search.js
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 5621d5dcab27942cbfb32db3d64717f8
cb0ff9f063757f3021241460bc6b2d3d066a8612
73a5b4d2c55345519cbb3aae3dbb3747f868bfbbee7cb8fed518735c0cfe42a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/header-init-search.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-388"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.410141,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 345
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/megamenu.js
151.101.130.159 200 OK 3.3 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/megamenu.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (3410), with CRLF line terminators
Hash 9240efbf6898bd2751f22a35e83a927e
82ecf4ee87e182dd6737159ed45d214859d53653
aaed0cff778ea8bd1f5bf0ca6c1b415a640c0a430c953a1ca2a9a7d035145f19
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/megamenu.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-3651"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.407508,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3322
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/modernizr.js
151.101.130.159 200 OK 4.9 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/modernizr.js
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (11084)
Hash 012942e9934486ca49b5856ca9bf11ef
22341d5944ded51bc49d528f0b93c1be90b6ffe4
6077c76eab0ad353453478bd68745c70ef12de0fb08b76bc14fb2490c87a86cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/modernizr.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-2bfd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.406156,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4859
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/main-sb.css
151.101.130.159 200 OK 2.9 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/main-sb.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (8795)
Hash af352ef7788be8a0dd3d986d24fa2403
eda237165255d42b209edb9206e7a6991d5ebbef
5a01198a06e18a468728066c5151b021acc97234d512400cca555ded21172fe2
GET /wp-content/online/tracking-package/verification/files/main-sb.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-225c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.423120,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2924
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/bootstrap.min.css
151.101.130.159 200 OK 23 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/bootstrap.min.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (65371)
Hash 8944fb4e1bef9e27df96f4cc2eeacd98
7a5281b89ea35d1c7fccffd41a57754a3400aef6
0efbc2ee84960212448b9738fa72f762ef76139d5df34b56645d5cf3109775a8
GET /wp-content/online/tracking-package/verification/files/bootstrap.min.css HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 04 Jan 2023 23:59:57 GMT
etag: W/"63b612fd-1d903"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.385599,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23118
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/jquery.min.js
151.101.130.159 200 OK 32 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/jquery.min.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (65453)
Hash 6b0cec3cbbf5ff9e5f416fb35feae8cf
ab3d6fb24ad66541d3f9b9c4710f9a3ab903a81e
9b5317b3b529c4ed5daf39f028b8530bc83ba45eae51f5aa5d4fa7eb010e30ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/jquery.min.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-14b60"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.385680,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 32500
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/go-now(2).png
151.101.130.159 200 OK 27 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/go-now(2).png
IP 151.101.130.159:0
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash aee13c0ec56dbbbc684c4a02630fa500
53302b8768a6d545d3d93944459012f021a14a6b
51dd4722cd6d24c514334af6227425e1346d77e97402d2f00f6f20b36c35c87c
GET /wp-content/online/tracking-package/verification/files/go-now(2).png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-695c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 26
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405599,VS0,VE476
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 26782
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 3a0778c97e5f1308fab98419995b0006
a8cc91f7443d297155d25493d01521b83c684940
1aedb3068576508ecd7257bee2c654d48529c0b4c54cc3fb8411b761977495cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2902
Cache-Control: max-age=156241
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 01:37:17 GMT
Etag: "63b5ddc8-118"
Expires: Fri, 06 Jan 2023 21:01:18 GMT
Last-Modified: Wed, 04 Jan 2023 20:12:56 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
roanoke.family/wp-content/online/tracking-package/verification/files/jquery-3.5.1.js
151.101.130.159 200 OK 34 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/jquery-3.5.1.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash edaafb301e8d3b898bb4d58b42dfd938
651c31c3d3389f01c16dd3d1eb3ce7314bfccd4f
5dddad7610299ebc0f3075d7a98305be985eed639a51df3502fafeb3c92e5c7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/jquery-3.5.1.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-15d84"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 25
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.393177,VS0,VE484
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34070
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/go-now(4).png
151.101.130.159 200 OK 22 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/go-now(4).png
IP 151.101.130.159:0
File type PNG image data, 227 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 9957e90be645c88da1864081dad5d462
a9582a1cea08b522d3b5eb92fb5464eb4be50049
d162cbe14995c3f3053796ca6b8310e1195274ddd79c8e128c2161d5f22bbfbe
GET /wp-content/online/tracking-package/verification/files/go-now(4).png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-5675"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405565,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 21867
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/go-now(3).png
151.101.130.159 200 OK 20 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/go-now(3).png
IP 151.101.130.159:0
File type PNG image data, 210 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash e4f4cd0724f3bfaaf3441b0f34e3ce3b
564845973f4daa5e64819975dbf1f79ba43921e0
603fe517865713df51bdcb990d9f0cab490ccf4b24208fe7232954652d20d9c7
GET /wp-content/online/tracking-package/verification/files/go-now(3).png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-4e01"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 27
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405588,VS0,VE483
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 19766
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/go-now.png
151.101.130.159 200 OK 19 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/go-now.png
IP 151.101.130.159:0
File type PNG image data, 210 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ef3dd24e7bcaba3997a69ae9e00acd7
f7c6e90f94df631ce125bdff6b46e72b7aea80b3
f8c2362e5cdad13cf67f2cb444d897625e91633c76384f4745074cf8f51619d9
GET /wp-content/online/tracking-package/verification/files/go-now.png HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-4f6e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 26
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405633,VS0,VE483
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 19389
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/jquery-3.2.1.js
151.101.130.159 200 OK 33 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/jquery-3.2.1.js
IP 151.101.130.159:0
File type ASCII text, with very long lines (32058)
Hash 47605391d7c08c4d0c91adac4c092774
e457e8935d1f86e0fc1c9ea8421ed7d3eb07149b
94d27b9f3849a156b482312238a51d4aeb3fb9ac63717bc014c2def585328710
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/jquery-3.2.1.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-15283"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.405865,VS0,VE483
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 33107
X-Firefox-Spdy: h2
fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
104.17.224.78 200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0
IP 104.17.224.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=ee38900c-6459-4e0c-95d6-896c0208d3d0 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 01:37:17 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: T0ZH1hXNoB6jtguc1LneBuShAW+pnL1xXkATYgstf9s/Ek+CPWrz2AkHZOlSFb4Uzx1M4Yl24Z8=
x-amz-request-id: PR33JFF0ZQ6CYPJT
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 414071
accept-ranges: bytes
set-cookie: __cf_bm=GA_j.lXk3qDEOSDArd4LuN.o3t7ESDpBvXOxvqLTcuM-1672882637-0-AdW/AErU8jYvJdPLdqL8u4Qyg+AMODRycw5GsNiO+GRGvEDcEOlyHfz0Uj+bdl4lqDgBRp2hVvlAmwQmGEhhN14=; path=/; expires=Thu, 05-Jan-23 02:07:17 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 78487ce1b9f71bfa-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18150
Expires: Thu, 05 Jan 2023 06:39:47 GMT
Date: Thu, 05 Jan 2023 01:37:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a657be-81af-4d2c-9568-aee5876c48e0.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a657be-81af-4d2c-9568-aee5876c48e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b5700cf82b61ea38a5ad19aba19a8f9
0cf764c822da089fe5ca34108ab1411bf3ac959e
56fc14e57bc80952d476a542bd19fdc16f7773f33bb57fd225ab125587a2fc7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a657be-81af-4d2c-9568-aee5876c48e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6264
x-amzn-requestid: 080167f0-5818-48f1-9612-67862c64a3d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGmY1GB_IAMFW6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b28438-44153184754f6afd2f512a8b;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -NiIptkIBRwNTsKYq9NXrXayzV4Kgq8wlAIFCIor4OBVWYySBS4eYg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 08:17:53 GMT
age: 62364
etag: "0cf764c822da089fe5ca34108ab1411bf3ac959e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3b4649b-af64-4a5a-a27f-7ce64e847119.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3b4649b-af64-4a5a-a27f-7ce64e847119.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc016e8d2ccf978fbdda03d25aa5f38d
d1d9d3169fa06ab1f165a7727ceafd70f448bcb1
73ad3ca2406444b064977848842333a9de43499856e899b620dc19d4742c7b16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3b4649b-af64-4a5a-a27f-7ce64e847119.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4915
x-amzn-requestid: ddf9b16e-ae8d-4772-9e0d-85bfbd3da78c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNXHGUIAMFuiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-5a242201531033f1017e2813;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9ybWq4NupEPYUEyx6nUeCwG8mcZN89C-7tHtOVKOrwZHLZd6OWLu8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:40:24 GMT
age: 64613
etag: "d1d9d3169fa06ab1f165a7727ceafd70f448bcb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p4EQ0DgVF1JVg9r4rzbQsRzgFgqX3Ke8tWzeUHAXGXrawUAhssi71A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:38:33 GMT
age: 64724
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64c5d475-3153-467d-adb9-7187fd47e2e2.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64c5d475-3153-467d-adb9-7187fd47e2e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01344b4dc7ce7b28acfc81aa36c7e88a
8482062315fe3251d47722e1df723555bd18d262
68f5bc4ae2c0ffd384c61442515711a0d3ef300f2898cc610a9b70a1ba78e775
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64c5d475-3153-467d-adb9-7187fd47e2e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5443
x-amzn-requestid: 600f3682-bfaf-4e00-8636-a075d5bda623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVYAEYrIAMFl5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39c33-792df8cc005d1ad5528a35d7;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:08:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UorP_k4N65hwuggLXIZ6qyX4cumhoL5_ahxQQF4bOyp7sKJwow11Uw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:36:23 GMT
age: 79254
etag: "8482062315fe3251d47722e1df723555bd18d262"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash caeb8110d6451a09f92d0603994d82d8
cca8920d92a37b0b1e4f019a10674052c1b8dcbe
622aeb4a54a3cb82191e8d1f238ad9f5a86262fdedbc3e4b03426e4fb86493a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ad998-c9d7-497f-9177-8a288cbd319f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11838
x-amzn-requestid: aabfce3c-15dc-4de0-910c-ca2d24d4fc81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVmBE8HIAMFa_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39c8c-16a130601f6ccd3513485a7c;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:10:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtL5oh76QUNUzUHwTW6FHkamUukqDkdsjmO10KCWGnijLxcc3oLnLg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 05:22:07 GMT
age: 72910
etag: "cca8920d92a37b0b1e4f019a10674052c1b8dcbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/
151.101.130.159 200 OK 24 kB URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/
IP 151.101.130.159:0
Hash 0186d588020d405487ebb2aaec18ba0f
3ef2e5bbdaff71676eb790648553823cfd5f76b6
de5d9831842e0f4c929cbbc3a2ba86fbc01017ef11401456c7c4cd2e5765b6dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/ HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1672882636.523722,VS0,VE764
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/d5af76d8-a90b-4527-b3a3-182207cc3250.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 05 Jan 2023 01:37:17 GMT
server: ECAcc (ska/F779)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 05 Jan 2023 01:37:17 GMT
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/5b4a262e-3342-44e2-8ad7-719998a68134.woff HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 05 Jan 2023 01:37:17 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_languages.png
192.229.221.165 200 OK 1.5 kB URL HTTP/2 www.usps.com/assets/images/home/utility_languages.png
IP 192.229.221.165:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 410956805d5701e87299cff412827e1a
5de9a390649dfc12e3d6df431140d499ad8abd67
6e727dbf5b0f4a3ec76762e445ad2c5cb750f7de41afb8b0342f903124d09826
GET /assets/images/home/utility_languages.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 1451
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "5b0-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7E8E)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1456
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/db5f9ba6-05a4-433a-9461-0a6f257a0c3a.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 05 Jan 2023 01:37:17 GMT
server: ECAcc (ska/F6BE)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/calculate_price.svg
192.229.221.165 200 OK 772 B URL HTTP/2 www.usps.com/assets/images/home/calculate_price.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 42af7d5484bf8f80ac930313caa5941f
c3dbaf338d7fa81845487333c0cba5b8341bd140
f8f9b52e8d7b815deba988cfcdc6596e9e7b6671075907290c8e96679b18fb2c
GET /assets/images/home/calculate_price.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1646
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "8fe-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/7304)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 772
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 05 Jan 2023 01:37:17 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
192.229.221.165 403 Forbidden 345 B URL HTTP/2 www.usps.com/assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf
IP 192.229.221.165:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a7b900bec0b7b386dfd18ad22c9ed411
72e09ec6e4d46f8d96907f6e55bc4f26975c4c4f
d9f7e0aa1bff501986995b7c69742a14f373819ab6ecd599af29d67f9d8b4794
GET /assets/fonts/4a3ef5d8-cfd9-4b96-bd67-90215512f1e5.ttf HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roanoke.family
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html
date: Thu, 05 Jan 2023 01:37:17 GMT
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-ec-custom-error: 1
x-ruleset-version: 3.1
content-length: 345
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/holdmail.svg
192.229.221.165 200 OK 768 B URL HTTP/2 www.usps.com/assets/images/home/holdmail.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2f40bbb9da0d97f2ba3f3efcfd7533af
34c76f88cdda4be234b58a76e466bc7a972f14ea
f1d176e77951f74582e7e311d99f98f7ce582bdb30051987f257eb3393ee2069
GET /assets/images/home/holdmail.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1678
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "5a8-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7EFC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 768
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/schedule_pickup.svg
192.229.221.165 200 OK 923 B URL HTTP/2 www.usps.com/assets/images/home/schedule_pickup.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9f9e044f92360c82183e3a31b774e7b2
273798ee8d4dead89367b835cdb7f65f51e81b47
e4b7ae480aae11558a890826cde2cc6fa10039a787052dfc72cdad3e7a772373
GET /assets/images/home/schedule_pickup.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1581
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "6ef-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/732F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 923
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/change_address.svg
192.229.221.165 200 OK 935 B URL HTTP/2 www.usps.com/assets/images/home/change_address.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6c6d11d6d4ad880538ac8b3c9b244e35
d2f5a684574f89a8bdac4ac35508dc29c61e9771
7d2bde4b550c48e86e4d1c6a106d195b5a259f74e2ceeab0772712d356ae7eb9
GET /assets/images/home/change_address.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1676
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "74d-5494e7eca09c0+gzip"
last-modified: Fri, 24 Feb 2017 22:46:07 GMT
server: ECAcc (dcb/733A)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 935
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/shipping-supplies.svg
192.229.221.165 200 OK 1.3 kB URL HTTP/2 www.usps.com/test/nav/images/shipping-supplies.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a8b39b328ba3e776e643f66844896e8
7a400d0f33c592651da919c728a30e46207a9449
05140d52bba76b4464360b852c3b78227cc2865c4512bf0010ee666f0c985f99
GET /test/nav/images/shipping-supplies.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1208
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "9f8-560f10eaa9b40+gzip"
last-modified: Fri, 22 Dec 2017 17:22:13 GMT
server: ECAcc (dcb/731F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1282
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/po_box.svg
192.229.221.165 200 OK 848 B URL HTTP/2 www.usps.com/assets/images/home/po_box.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a1feed192f3aca7fd02c00b6ee45bb07
fce52b953f90a873186cd2c3ddb26dcca41884be
88dcd2a8a6b055bf63763c0a86338f33b09a257c89e26a5ae6a364becf1ac122
GET /assets/images/home/po_box.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1625
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "667-5494e7f259740+gzip"
last-modified: Fri, 24 Feb 2017 22:46:13 GMT
server: ECAcc (dcb/7FD5)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 848
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/search.svg
192.229.221.165 200 OK 795 B URL HTTP/2 www.usps.com/assets/images/home/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ccfe748c6040d78e356b03d1a731585e
3e15bb471b3c3d0a5cebc3ccd137b5daf9273b7e
9a1b75fecaa2e0de127c36ddbb63c1bc2c44b3f81eed395734dee1ce837162fe
GET /assets/images/home/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1017
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "5b9-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7F4B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/find_zip.svg
192.229.221.165 200 OK 793 B URL HTTP/2 www.usps.com/assets/images/home/find_zip.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4b74917936300819402d564909e39a34
82c09f9b1fa78724d4843b28f12c52e8bb218f2a
d7178ea719cbe6f11c5da374dc26908b1ad0d05d34a33cd6e6d701f5e05c209b
GET /assets/images/home/find_zip.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1016
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "5bf-5494e7ed94c00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:08 GMT
server: ECAcc (dcb/7ECC)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 793
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/gifts.svg
192.229.221.165 200 OK 590 B URL HTTP/2 www.usps.com/test/nav/images/gifts.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e97f9908f9eef2a76ea4f48e00196980
f32d5a4b791567c690ea7095d93bec78e422db40
ad60c73a39b0fcd4b311654aab6f3954edb03f37034ad5567cf9f69d63d905f4
GET /test/nav/images/gifts.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1285
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "3ee-560f10e9b5900+gzip"
last-modified: Fri, 22 Dec 2017 17:22:12 GMT
server: ECAcc (dcb/7378)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 590
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/tracking.svg
192.229.221.165 200 OK 844 B URL HTTP/2 www.usps.com/assets/images/home/tracking.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 04034bbe69ef912819cee070ff866703
2c96d71004568c2b460a7f8b796ae45ad89999ec
959755a6f38fb278acd6abb223db552ecf757c291f437149663009aafb83a181
GET /assets/images/home/tracking.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 17893
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "619-5494e7f71e280+gzip"
last-modified: Fri, 24 Feb 2017 22:46:18 GMT
server: ECAcc (dcb/7E95)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 844
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/business.svg
192.229.221.165 200 OK 689 B URL HTTP/2 www.usps.com/test/nav/images/business.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3b81ef43fc5b08bab4155c5fed116dc9
a5a804fb2f8f51b3e588d4edb01752eba0380f8d
a513b0f2fb200e9cf7b30ccfbde98f79e87a027c256d99f3159ad22dcb5cc4cb
GET /test/nav/images/business.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1622
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "4d2-560f10e7cd480+gzip"
last-modified: Fri, 22 Dec 2017 17:22:10 GMT
server: ECAcc (dcb/7FBE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 689
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/cards-and-envelopes.svg
192.229.221.165 200 OK 1.1 kB URL HTTP/2 www.usps.com/test/nav/images/cards-and-envelopes.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5d63c3636efb2bbcb327ed13b714367b
c7e326811c101213173c2a585d1e9700731816ed
c63dd4b3239df8b0709202228ad62b9e06ec96c346d8f86f9e33a554973b795f
GET /test/nav/images/cards-and-envelopes.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 49888
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "8a9-560f10e8c16c0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:11 GMT
server: ECAcc (dcb/7F6F)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1056
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/images/utility-header/search.svg
192.229.221.165 200 OK 795 B URL HTTP/2 www.usps.com/global-elements/header/images/utility-header/search.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 78562ea313af96eca6581054fdbbc76c
b0f3fd320af131b3787b39c864ecac52de12a75e
7932a41ccc861366f60896fe808612a1361c85d654aef21c5d54f7673141c0a9
GET /global-elements/header/images/utility-header/search.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1005
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "5b9-549b126599f40+gzip"
last-modified: Wed, 01 Mar 2017 20:28:05 GMT
server: ECAcc (dcb/7ECE)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 795
X-Firefox-Spdy: h2
www.usps.com/test/nav/images/collectors.svg
192.229.221.165 200 OK 561 B URL HTTP/2 www.usps.com/test/nav/images/collectors.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8439e88bd2e43656b157f9c184635032
ddcb40776177a5eac36973e53f2f8bab73e65ea3
5ea3f924c3453a9b8a3f79251377f385f83c8cf9618129427795adf186b9338e
GET /test/nav/images/collectors.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1595
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "461-560f10f803ac0+gzip"
last-modified: Fri, 22 Dec 2017 17:22:27 GMT
server: ECAcc (dcb/7FEB)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 561
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/utility_customer_service.png
192.229.221.165 200 OK 1.3 kB URL HTTP/2 www.usps.com/assets/images/home/utility_customer_service.png
IP 192.229.221.165:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3500d365cd94527c71fe9c70d5cda435
0c7bede628d74cefaf5fce1b675c0ce3c72c78c9
34b28a24c5414dab68a15be6613536d905faf33fbf1aed8ee4702caa60be9bca
GET /assets/images/home/utility_customer_service.png HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 1119
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/png
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "51b-547dde9f44e80"
last-modified: Mon, 06 Feb 2017 15:02:02 GMT
server: ECAcc (dcb/7EB6)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1307
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/featured_clicknship.svg
192.229.221.165 200 OK 493 B URL HTTP/2 www.usps.com/assets/images/home/featured_clicknship.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1078), with no line terminators
Hash efb53558ef3932a80523af92bdda2085
1a97f57d64bc76f296423e1ddbdba9bc71b6d754
f0a25ce9d4e04e6b12bfc528584d599d5e472238849b0e1c66ff5357058d38fe
GET /assets/images/home/featured_clicknship.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1728
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "436-5494e7bfce000+gzip"
last-modified: Fri, 24 Feb 2017 22:45:20 GMT
server: ECAcc (dcb/7F6B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 493
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/location.svg
192.229.221.165 200 OK 1.2 kB URL HTTP/2 www.usps.com/assets/images/home/location.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9d8433f178d5a7b839a8bf25552c62b0
c21cec68e524862992f4aa51bf6955b953a65112
d01cb5a23f9b7f4a0a3db27cfd3d90e3813e75ed498fdbabe4df3a859390bd4f
GET /assets/images/home/location.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 1204
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "a1a-5494e7ee88e40+gzip"
last-modified: Fri, 24 Feb 2017 22:46:09 GMT
server: ECAcc (dcb/7F25)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 1209
X-Firefox-Spdy: h2
tools.usps.com/global-elements/header/images/utility-header/mailman.svg
192.229.221.165 200 OK 904 B URL HTTP/2 tools.usps.com/global-elements/header/images/utility-header/mailman.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4bb1afb6143cb1307585f007399e0e4
7d28cd35cbdb8427d4a12274c3f455e57f4742e0
06410c31087cff92e7842a2e6aaef3b5b114192f77e2b652283250fdca6d5e30
GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: tools.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 4369
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "723-55885af730a40+gzip"
last-modified: Wed, 06 Sep 2017 13:54:41 GMT
server: ECAcc (dcb/7311)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-frame-options: SAMEORIGIN
x-ruleset-version: 5.1
content-length: 904
X-Firefox-Spdy: h2
www.usps.com/assets/images/home/stamps.svg
192.229.221.165 200 OK 551 B URL HTTP/2 www.usps.com/assets/images/home/stamps.svg
IP 192.229.221.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 780aa534eb1541ac0834489beafdeea2
2593cddb6c1b7505016d3c1138e16ff556e42166
c2a1858fe0517c4c928dad150f22710f1771c1b43b92b79ceb0b20e44db61ee8
GET /assets/images/home/stamps.svg HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 61809
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: image/svg+xml
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "44f-5494e7f535e00+gzip"
last-modified: Fri, 24 Feb 2017 22:46:16 GMT
server: ECAcc (dcb/7EC4)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 551
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/require-jquery.js
192.229.221.165 200 OK 74 B URL HTTP/2 www.usps.com/global-elements/lib/script/require-jquery.js
IP 192.229.221.165:0
File type ASCII text, with no line terminators
Hash ea38e8196b75d9720bc3902d6d735130
165284464c58d7f213c1211f2c433873299e4527
cdbf334e8e860aaf1665d2ac56113f51f1ff304b63cff897beb969c8dd5597d9
GET /global-elements/lib/script/require-jquery.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://www.usps.com
age: 73824
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "4a-5057c23aa4c00"
last-modified: Wed, 15 Oct 2014 20:40:16 GMT
nncoection: close
server: ECAcc (dcb/7F20)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 74
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/helpers.js
192.229.221.165 200 OK 358 B URL HTTP/2 www.usps.com/global-elements/lib/script/helpers.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (695), with no line terminators
Hash a94bd840611f82766bdd01435e0325d4
195b9eccc89fd504aaa416ecfc05b277e3b1862b
c9df217c213bc4a79f26f7996533f4e02e031f82d7f1b88ccdc0f39504573d46
GET /global-elements/lib/script/helpers.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 48021
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "2b7-505dad4fe5380+gzip"
last-modified: Mon, 20 Oct 2014 13:38:38 GMT
server: ECAcc (dcb/7338)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 358
X-Firefox-Spdy: h2
www.usps.com/global-elements/header/script/search-fe.js
192.229.221.165 200 OK 930 B URL HTTP/2 www.usps.com/global-elements/header/script/search-fe.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (2264), with no line terminators
Hash 044ed97a28abfb41b4962d4be4f1a9a2
376bd4af5ff97565cf9565904b615bffbea08690
19c16113aa7d624c43ffefd992d78b420fc3a195d99578684d0abf52fbabce71
GET /global-elements/header/script/search-fe.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 28774
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 05 Jan 2023 01:37:17 GMT
etag: "8d8-5d77081c47c40+gzip"
last-modified: Mon, 07 Feb 2022 16:58:17 GMT
server: ECAcc (dcb/7FD8)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 930
X-Firefox-Spdy: h2
www.usps.com/global-elements/footer/script/jquery-3.5.1.js
192.229.221.165 200 OK 31 kB URL HTTP/2 www.usps.com/global-elements/footer/script/jquery-3.5.1.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 2a0ef702291c837a85b6c7c2275fdac6
7937023d7bc07c2a6d1e29f316836995fbdbf997
921bf2826576dbc494161d3021ee21b0b844ed89f0b2b630e7d579b69ab1a9ba
GET /global-elements/footer/script/jquery-3.5.1.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 76018
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 05 Jan 2023 01:37:18 GMT
etag: "15d84-5affcd6633ac0+gzip"
last-modified: Wed, 23 Sep 2020 15:35:47 GMT
server: ECAcc (dcb/7F9B)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 30950
X-Firefox-Spdy: h2
www.usps.com/global-elements/lib/script/resize-manager.js
192.229.221.165 200 OK 468 B URL HTTP/2 www.usps.com/global-elements/lib/script/resize-manager.js
IP 192.229.221.165:0
File type ASCII text, with very long lines (1040), with no line terminators
Hash 7dfda1d5c69fea0090eb0e1dd8f9cc69
731696ce554e4a61def2c1b2c42f593b2d663ec2
f59a56b127f6d56e1af875fde9db49dcd3fc70cd952445b3f0d259f4acc52a5e
GET /global-elements/lib/script/resize-manager.js HTTP/1.1
Host: www.usps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roanoke.family/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: https://www.usps.com
age: 15223
cneonction: close
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:;
content-type: application/javascript
date: Thu, 05 Jan 2023 01:37:18 GMT
etag: "410-5057c23b98e40+gzip"
last-modified: Wed, 15 Oct 2014 20:40:17 GMT
server: ECAcc (dcb/7F54)
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-ec-custom-error: 1
x-frame-options: SAMEORIGIN
x-ruleset-version: 3.1
content-length: 468
X-Firefox-Spdy: h2
roanoke.family/favicon.ico
151.101.130.159 404 Not Found 169 B URL HTTP/2 roanoke.family/favicon.ico
IP 151.101.130.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a2627fabb2bb291287be6de953d0bf26
75a6f79a8411e81e8aca77801a1c01640f1c0c31
2847e4d77d263bb8ae947c7af6af836cd6114c20e89087c7ad3135f9f22eb705
GET /favicon.ico HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-hits: 2
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:19 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882640.835293,VS0,VE123
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 169
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/jquery.min.js(1).download
151.101.130.159 404 Not Found 0 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/jquery.min.js(1).download
IP 151.101.130.159:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/jquery.min.js(1).download HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
pragma: no-cache
cache-control: no-cache, must-revalidate, max-age=0
link: <https://roanoke.family/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:19 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1672882636.392869,VS0,VE3596
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/files/optimize.js
151.101.130.159 200 OK 0 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/files/optimize.js
IP 151.101.130.159:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/files/optimize.js HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 23:59:58 GMT
etag: W/"63b612fe-16b8d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ug6mlb3sfo
cache-control: public, max-age=31536000
content-encoding: gzip
x-hits: 28
accept-ranges: bytes
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
date: Thu, 05 Jan 2023 01:37:16 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 0
x-timer: S1672882636.385646,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 37881
X-Firefox-Spdy: h2
roanoke.family/global-elements/header/images/schedule-redelivery.svg
151.101.130.159 404 Not Found 0 B URL HTTP/2 roanoke.family/global-elements/header/images/schedule-redelivery.svg
IP 151.101.130.159:0
Analyzer Verdict Alert fortinet Phishing
GET /global-elements/header/images/schedule-redelivery.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-v2.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://roanoke.family/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:19 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1672882637.212157,VS0,VE2781
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2
roanoke.family/global-elements/header/images/utility-header/mailman.svg
151.101.130.159 404 Not Found 0 B URL HTTP/2 roanoke.family/global-elements/header/images/utility-header/mailman.svg
IP 151.101.130.159:0
Analyzer Verdict Alert fortinet Phishing
GET /global-elements/header/images/utility-header/mailman.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-v2.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://roanoke.family/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:19 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1672882637.210880,VS0,VE2783
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2
roanoke.family/wp-content/online/tracking-package/verification/images/nav-red-chevron.svg
151.101.130.159 404 Not Found 0 B URL HTTP/2 roanoke.family/wp-content/online/tracking-package/verification/images/nav-red-chevron.svg
IP 151.101.130.159:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/online/tracking-package/verification/images/nav-red-chevron.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/files/main.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://roanoke.family/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:22 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1672882637.304972,VS0,VE5094
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2
roanoke.family/global-elements/header/images/icon-personalize-stamped-envelopes.svg
151.101.130.159 404 Not Found 0 B URL HTTP/2 roanoke.family/global-elements/header/images/icon-personalize-stamped-envelopes.svg
IP 151.101.130.159:0
Analyzer Verdict Alert fortinet Phishing
GET /global-elements/header/images/icon-personalize-stamped-envelopes.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-v2.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://roanoke.family/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:22 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1672882637.216912,VS0,VE5280
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2
roanoke.family/global-elements/header/images/package-intercept.svg
151.101.130.159 404 Not Found 0 B URL HTTP/2 roanoke.family/global-elements/header/images/package-intercept.svg
IP 151.101.130.159:0
Analyzer Verdict Alert fortinet Phishing
GET /global-elements/header/images/package-intercept.svg HTTP/1.1
Host: roanoke.family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roanoke.family/wp-content/online/tracking-package/verification/files/megamenu-v2.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://roanoke.family/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ug6mlb3sfo
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 05 Jan 2023 01:37:22 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS, MISS
x-cache-hits: 0
x-timer: S1672882637.211423,VS0,VE5290
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
X-Firefox-Spdy: h2