r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2433
Expires: Mon, 30 Jan 2023 08:29:32 GMT
Date: Mon, 30 Jan 2023 07:48:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15485
Expires: Mon, 30 Jan 2023 12:07:04 GMT
Date: Mon, 30 Jan 2023 07:48:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 07:35:42 GMT
content-type: application/json
age: 797
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10479
Expires: Mon, 30 Jan 2023 10:43:38 GMT
Date: Mon, 30 Jan 2023 07:48:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T8pB/gqX8YaWv440GhfL9vmmblJRfd+AZNhOkIIfecU5TdosZpJ4I9EasvAVCRgL2Sg6MeUtO0E=
x-amz-request-id: CNHQ7PZAVSSMTS98
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 07:21:42 GMT
age: 1637
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
vystarcu.mobile.laser-harp-controller.com/
136.243.82.137 301 Moved Permanently 239 B URL HTTP/1.1 vystarcu.mobile.laser-harp-controller.com/
IP 136.243.82.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text; exported SGML document, ASCII text
Hash 0db683ed8321fd261541d0879306b803
c940552a17568444515ca9691d33e958a6165da3
89258a0b3aa10e6d7c0ea8fe597db53ba20e976c208c2d340eb690bbb197e6fc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: vystarcu.mobile.laser-harp-controller.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 07:48:59 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 239
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Location: https://agesports.net/redir.php
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 07:48:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 06:49:04 GMT
age: 3596
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Mon, 30 Jan 2023 11:20:56 GMT
Date: Mon, 30 Jan 2023 07:49:00 GMT
Connection: keep-alive
agesports.net/redir.php
184.154.167.34 200 OK 150 B IP 184.154.167.34:0
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash a18f486a7f09f3645530bd54c24afecb
51a06c275c0323adc797110849c9783c12dfd96f
6b0dcee449bd4bf64483e0d2ada1290ff626b9aae73ac6ffd2aa4708f720c4b0
GET /redir.php HTTP/1.1
Host: agesports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:00 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.12.67.61 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.12.67.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I/SE2ZbNURH49vkndMPtpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TAlsU1tqw/NIbOjcL1l3KwULiGU=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2226
Expires: Mon, 30 Jan 2023 08:26:07 GMT
Date: Mon, 30 Jan 2023 07:49:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 51185
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 34636
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 435598df0723ba8070784ee6a8d6de8b
0dab67801b42d738a5074ec3f0489f04c5e6552c
05339073fff5fe4213a38505242c577f579aba68d5c249e8bac10b03d379a2dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10616
x-amzn-requestid: 809aadb4-f948-41a5-82bc-84a520a5689a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEZIIAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-2c659eae4d513b433aa749e3;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4v4fldiJ0EsLGeNNodBg_GPY8hiq1Yyr5kzBIYyZXuf8bcTZ4CmsHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 35859
etag: "0dab67801b42d738a5074ec3f0489f04c5e6552c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 34144
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e8901f99d8e3001e442c887f89e2e650
a61875fcee6c09087462f0443286482d903725bc
d3a69a5bce1852c464755452d7f5a88f0d20fbed14b9f16ac6f539d4d1bfdb21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5960
x-amzn-requestid: 313f5526-984b-4224-b321-732fe5ae5a7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkl0HimoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-430032d00080eff464e4d574;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TiZDGG_JsgbKWvLfQn_uioEKmxzYKKV8cT9wJ2PntoNPb4r1a2YKtg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:04:24 GMT
age: 35077
etag: "a61875fcee6c09087462f0443286482d903725bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 35859
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
160.153.245.133 404 Not Found 5.9 kB URL HTTP/1.1 devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (14339)
Hash 3075d8f85ba466aa0df8f7077b23e54a
01a945263efc696fe3ebd71a38c98a4dee145e39
c8b250869a2702763f8d4e30368301c8cc1c1d1c59c4bed976bb2a80bc155078
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious JS code
fortinet Malware
GET /wp-wp/VystarCU/vystarcu.org_/index.php HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Mon, 30 Jan 2023 07:49:02 GMT
Server: Apache
Cache-Control: no-cache, private
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9; path=/; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
devtest.durhamworks.info/themes/durham-works-v1/assets/css/jquery.smartmenus.bootstrap.css
160.153.245.133 200 OK 3.6 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/css/jquery.smartmenus.bootstrap.css
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
Hash 14acd1ee372ca745b0b5d051447c5627
15f0c13469b3b6b173145cef1d04a145b9bdbc81
6d22af88c0f4aeddf80077218bd5926db794237cd5cae221a1f72810be08db45
GET /themes/durham-works-v1/assets/css/jquery.smartmenus.bootstrap.css HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Wed, 11 Jul 2018 12:24:44 GMT
Accept-Ranges: bytes
Content-Length: 3632
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.4.0/Chart.bundle.min.js
104.17.24.14 200 OK 49 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/Chart.js/2.4.0/Chart.bundle.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32891)
Hash ee2fe1a3e651ecfc4c5d9f12984f01c5
95baa5761734bc497dbd6ba95aa479901f8f500a
4b25a3e208070354982b223a6597b7f36e33d9256954b0cff1a060bd4a8eb64b
GET /ajax/libs/Chart.js/2.4.0/Chart.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 49170
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cee-3042e"
last-modified: Mon, 04 May 2020 16:03:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 986023
expires: Sat, 20 Jan 2024 07:49:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44Se6tB6pKXg3ex9MlRh%2Fq24LK7%2FwJT4YKvPz22CiUtX1vsedowo%2BzL0HKpprNSSenQQTEgujhthbp8T%2BRB0DyfD%2BzqE7hCLPZoBAL2mcNpP9Z7VDhRYYx2j8B1T1pmKWnBWc6WO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79189bd76e50b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
devtest.durhamworks.info/themes/durham-works-v1/assets/css/ie10-viewport-bug-workaround.css
160.153.245.133 200 OK 433 B URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/css/ie10-viewport-bug-workaround.css
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
Hash 631c61015480c581479c23afa0ab82da
f260ff7ed7ed317fce3878dbaaf4adf80b255529
17ec74c69eb8c08a5c82d7126fa307525806b2b9f06cda918c5f750428c40d40
GET /themes/durham-works-v1/assets/css/ie10-viewport-bug-workaround.css HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 433
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123 200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116423
date: Mon, 30 Jan 2023 07:49:03 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.jcarousel.min.js
160.153.245.133 200 OK 18 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.jcarousel.min.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (17998)
Hash b4ac2604e0d5fe907e205904c651f1b7
93a963b4005e428071c737446873ec52db2c496a
776dc9a6d5c04c30d8bd66a5233d9b5fa9f1ad0cc83e9909dc53ec4a57a27171
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/jquery.jcarousel.min.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 18123
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/themes/durham-works-v1/assets/css/jquery.cookiebar.css
160.153.245.133 200 OK 740 B URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/css/jquery.cookiebar.css
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 53600ff331bd666c39f8ae290e0f810a
087693d2e7391bbbcd6c8aa6ec68840f15c3ed16
ffc6c19b3e65d46fa1e9f3ce7816c38a2f0dfda1dd426fa041629b9867008439
GET /themes/durham-works-v1/assets/css/jquery.cookiebar.css HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 740
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
devtest.durhamworks.info/themes/durham-works-v1/assets/css/lity.css
160.153.245.133 200 OK 4.2 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/css/lity.css
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
Hash 0386f6de1eed9387bf0be815ec134b29
b54979478e7962355e287d6967b9b7a17151d87f
d06a24f18d72032d46e5e87e41ac536e67f40175117fcd5ca5f9ae444870f8d8
GET /themes/durham-works-v1/assets/css/lity.css HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 4210
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
devtest.durhamworks.info/themes/durham-works-v1/assets/js/app.js
160.153.245.133 200 OK 815 B URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/app.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 9b8a69c8c29168808fd058ad19972fe3
521c2f02b5e6f785a66df8acb5686c2a3883f415
b6c50a20734d3eb7352537aa41c86333a827f37557993cd0d17542c8b84fffc0
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/app.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 815
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/themes/durham-works-v1/assets/js/jcarousel.responsive.js
160.153.245.133 200 OK 1.4 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/jcarousel.responsive.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type HTML document, ASCII text
Hash b603ba3b582bc6b0de621fa78fcc1092
6b9a81fc39288cee266e62591e4d4364e3afc702
ac09eeb8ea1d6dde86d859fae0a8425f4caed7b83a355a4a933c0c9e941e1360
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/jcarousel.responsive.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 1437
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/themes/durham-works-v1/assets/js/ie10-viewport-bug-workaround.js
160.153.245.133 200 OK 641 B URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/ie10-viewport-bug-workaround.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
Hash 90e29070de7dcd28a451465ec74047be
af717e217e39503f4dcaae216218d34540aabf9a
f663fd5d5698e04a8e56de60c13c54abcb6943adcb21c3d5e80866d0eda0604d
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 641
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2648db12984a09f2dec69b7d2047f187
b52d9496452542d8f1127d4b77c27e22107c34a1
1439e26d15f854c1f1ddd1b37e37846107a83eafd38945da4d48709052f638b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6257
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:03 GMT
Last-Modified: Mon, 30 Jan 2023 06:04:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
devtest.durhamworks.info/themes/durham-works-v1/assets/js/bootstrap.min.js
160.153.245.133 200 OK 37 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/bootstrap.min.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/bootstrap.min.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 37045
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.cookiebar.js
160.153.245.133 200 OK 8.3 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.cookiebar.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash f1a1b7b7f4871aad6c24d6c2d799cf19
cee82e7fe8495f9961c1a958344cf17ab470b11b
9d05743ecfc344a13cf9629cf36c53d0b06c4fa241d8633852d7bdd7ba85590b
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/jquery.cookiebar.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 8341
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.smartmenus.bootstrap.min.js
160.153.245.133 200 OK 2.8 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.smartmenus.bootstrap.min.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (2684)
Hash dd369a8480abd04400f49188f8efbae2
ce6a0a73f6922fbea932c06e9afe5cff659b2aaa
7a93a80472fb87a338d1e9f5aeac957791f89becb715a77f44bf581dee52895b
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/jquery.smartmenus.bootstrap.min.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Wed, 11 Jul 2018 12:22:12 GMT
Accept-Ranges: bytes
Content-Length: 2789
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/modules/system/assets/css/framework.extras-min.css
160.153.245.133 200 OK 5.1 kB URL HTTP/1.1 devtest.durhamworks.info/modules/system/assets/css/framework.extras-min.css
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (437)
Hash f67da60090934b1578c3702f4ce50608
dd8d94be0c5aa5b6be0703df2bfa5a7174a183bf
448c9b440aaa290957e2af66b5e2a5e7a73b06d547a5cbf12a06708bff2b4475
GET /modules/system/assets/css/framework.extras-min.css HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Wed, 24 Apr 2019 10:08:30 GMT
Accept-Ranges: bytes
Content-Length: 5145
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
devtest.durhamworks.info/modules/system/assets/js/framework.combined-min.js
160.153.245.133 200 OK 16 kB URL HTTP/1.1 devtest.durhamworks.info/modules/system/assets/js/framework.combined-min.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (567)
Hash b6ab0be9d32fe1f0d9ce34e11b07cbe1
e94c541f5524140a71de996071eaf487b5041a99
5fc1631b21c5bbc5d91e8e2565f844313c379b45e3cff152ce755cf34ff74767
Analyzer Verdict Alert fortinet Malware
GET /modules/system/assets/js/framework.combined-min.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Wed, 24 Apr 2019 10:08:30 GMT
Accept-Ranges: bytes
Content-Length: 15752
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2648db12984a09f2dec69b7d2047f187
b52d9496452542d8f1127d4b77c27e22107c34a1
1439e26d15f854c1f1ddd1b37e37846107a83eafd38945da4d48709052f638b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6257
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:03 GMT
Last-Modified: Mon, 30 Jan 2023 06:04:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.min.js
160.153.245.133 200 OK 97 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.min.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/jquery.min.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 97163
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.smartmenus.js
160.153.245.133 200 OK 45 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/js/jquery.smartmenus.js
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
Hash 59e498b39f1fa429ba418ef29b22b4ad
49350cf7d7f79c7a6f7650e1444bd1af75fc8b87
909cc5d431192654cae6765c05dce941015e632a56ccd7afe5aff278c9d2642d
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/js/jquery.smartmenus.js HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Wed, 11 Jul 2018 12:21:40 GMT
Accept-Ranges: bytes
Content-Length: 45424
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
devtest.durhamworks.info/themes/durham-works-v1/assets/images/durham_county_council_logo.png
160.153.245.133 200 OK 19 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/images/durham_county_council_logo.png
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type PNG image data, 254 x 115, 8-bit/color RGBA, non-interlaced; data
Hash 3df215bbce575e9f30ee76f44df5d12e
ca59fa239749e44574ba5583ab92759eccd0d7a1
00b18b44c84e13f8e4d55fed92062eaacfaf9e4d9a46844de3e76e40a4061212
GET /themes/durham-works-v1/assets/images/durham_county_council_logo.png HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 18804
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
devtest.durhamworks.info/themes/durham-works-v1/assets/images/european_union_logo.png
160.153.245.133 200 OK 14 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/images/european_union_logo.png
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type PNG image data, 360 x 115, 8-bit/color RGBA, non-interlaced; data
Hash 326ab54e3e3ba3cf58f97bf32101314a
e810563ee11112e4377c58811b9df5dce63cdaa6
e27c37dc18982a92a2ca327fa43c8a24aa100839cffb2e555af8a446ee511f08
GET /themes/durham-works-v1/assets/images/european_union_logo.png HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 13488
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
devtest.durhamworks.info/storage/app/media/2022/european_union_logo_2.png
160.153.245.133 200 OK 10 kB URL HTTP/1.1 devtest.durhamworks.info/storage/app/media/2022/european_union_logo_2.png
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type PNG image data, 360 x 86, 8-bit/color RGBA, non-interlaced; data
Hash 41898038475bc6cdc641fbd34b9186d3
d4642f2b65a0caf21f8aa104b789390b31318a59
e6583ea28d14131fd42dba9eff16ba00ad5f238bc645049b113f045f3701ad70
GET /storage/app/media/2022/european_union_logo_2.png HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 06 Jan 2022 10:18:49 GMT
Accept-Ranges: bytes
Content-Length: 10544
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
devtest.durhamworks.info/themes/durham-works-v1/assets/images/durham_works_logo.png
160.153.245.133 200 OK 13 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/images/durham_works_logo.png
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type PNG image data, 380 x 115, 8-bit/color RGBA, non-interlaced; data
Hash 0a8c06955a0fac62551c0ef3a11e9984
1c802ca1563cbc97e42c314f7ce642762d567f11
54e6e5da8d3f84c0005bd775f6f9d77db242af571a03ddc75e05b3d5f8ab8cc1
GET /themes/durham-works-v1/assets/images/durham_works_logo.png HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 12575
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/gradient_line.jpg
160.153.245.133 200 OK 1.2 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/gradient_line.jpg
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 41x3, components 3\012- data
Hash fb42e52a485300f5f5168a69575a8c75
9df34c78860298dfc325510aeea33dea1152ae70
0982f13cff3ca73ab5901617203e0bfeee8e19c140e3a602de1366124e51323e
GET /themes/durham-works-v1/assets/images/design/gradient_line.jpg HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 1177
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/white-bg.png
160.153.245.133 200 OK 23 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/white-bg.png
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type PNG image data, 728 x 850, 8-bit colormap, non-interlaced
Hash b89673c64f4957c8c6ac8d8cedb4fbcf
55ad14a0e031ff21e46a51659278ef4b40b0106d
e8f753e9c29193d90fea3c0b3aadbbecd15e2e6e61c4bdb6efb37e57f2489d0b
GET /themes/durham-works-v1/assets/images/design/white-bg.png HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 23240
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/white-bg-right.png
160.153.245.133 200 OK 22 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/white-bg-right.png
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type PNG image data, 728 x 850, 8-bit colormap, non-interlaced
Hash 519d97dbcc6a44f9c179c0cfa4b4e4e8
4cd517481c4bd457d6ee1b54b06a09f7f4fefe1b
cab947b985dbe4685284f3ee98773590bed0a8ef3fa61066f16746b6bdca1031
GET /themes/durham-works-v1/assets/images/design/white-bg-right.png HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 21622
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/social_sprite_v2.png
160.153.245.133 200 OK 989 B URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/images/design/social_sprite_v2.png
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type PNG image data, 20 x 110, 8-bit/color RGBA, non-interlaced
Hash af5f628ade534b19a767d0f7ce989c56
fdaefbf7b00681bf4c1902f115a3e89fc2f21888
9e516786899ce745e1a51c0f50633d05e691b7d984970168a7f7ed8bbe1ca7ae
GET /themes/durham-works-v1/assets/images/design/social_sprite_v2.png HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Fri, 26 Nov 2021 15:55:04 GMT
Accept-Ranges: bytes
Content-Length: 989
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-Regular-webfont.woff
160.153.245.133 200 OK 23 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-Regular-webfont.woff
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 22660, version 1.0
Hash 79515ad0788973c533405f7012dfeccd
5092881fad2caffdc6bf71bdab1ea547b73d3564
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/fonts/OpenSans-Regular-webfont.woff HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 22660
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-Bold-webfont.woff
160.153.245.133 200 OK 22 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-Bold-webfont.woff
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 22432, version 1.0
Hash 2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/fonts/OpenSans-Bold-webfont.woff HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 22432
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-Semibold-webfont.woff
160.153.245.133 200 OK 23 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-Semibold-webfont.woff
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 22908, version 1.0
Hash 697574b47bcfdd2c45e3e63c7380dd67
4590722b795938e0b6ff1b99701d1abe37aeabef
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/fonts/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 22908
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-ExtraBold-webfont.woff
160.153.245.133 200 OK 24 kB URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/fonts/OpenSans-ExtraBold-webfont.woff
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 23764, version 1.0
Hash 6ad396399f4022ccd1616cf11d0985be
2bf5562b0953653292c0e02a7c4ef79b11e52a83
6f3401280248d0a841f0c9e9d18504c2fe7264b220270bfa0fd1b985bc9a4cd2
Analyzer Verdict Alert fortinet Malware
GET /themes/durham-works-v1/assets/fonts/OpenSans-ExtraBold-webfont.woff HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:02 GMT
Accept-Ranges: bytes
Content-Length: 23764
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123 200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 30 Jan 2023 07:49:03 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f420ea1155b60c594ce4724160516c28
36181ff9653743b8f4583e6b3f3ed067f45aeb74
3b852c6ad4b55279dcfb577c70d3f7a9bbe8cd9d5ace266a6fbbaa581dceae35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5808
Cache-Control: max-age=119585
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:03 GMT
Etag: "63d68fe0-117"
Expires: Tue, 31 Jan 2023 17:02:08 GMT
Last-Modified: Sun, 29 Jan 2023 15:25:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
devtest.durhamworks.info/storage/app/media/favicon/favicon.ico
160.153.245.133 200 OK 1.2 kB URL HTTP/1.1 devtest.durhamworks.info/storage/app/media/favicon/favicon.ico
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash ccdddd7d1d31b24733e168d842990f79
ab3c17befd5d8a5925af0b7de5f0652b751443c5
21bcf16fe835cfa3ca0233c3d8dc446e93db3528d1faa61ff6a20bd2f463429c
GET /storage/app/media/favicon/favicon.ico HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9; cb-enabled=enabled; __atuvc=1%7C5; __atuvs=63d7767a8c10cdb6000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 02 Feb 2017 11:57:50 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/x-icon
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146 200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=6962
date: Mon, 30 Jan 2023 07:49:03 GMT
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210 200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=82789
date: Mon, 30 Jan 2023 07:49:03 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2055
Cache-Control: max-age=149672
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:03 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 01:23:35 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en/sdk.js
157.240.205.11 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en/sdk.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash 71a6908164d04b26fead2ef4aa0cf913
5f184dab4266d6317658a68dc37020059497de20
930b9f7b85ce7b9f5fa17a656885e9cf328c493976808c6f5e7bfe1720cbef95
GET /en/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e239294b91d47f04f7be67384fe55be3
etag: "184bb01624ac95d253b31cb564319308"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 30 Jan 2023 07:54:15 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: caaQgWTQSyb+rS70qgz5Ew==
x-fb-debug: tZW2/a9m2aA/+G8JNsba+Z+i0DhyYSZ3CdeIW8oQo3rE6uCrtXvrygxtuHp0t3/pgni/V2TTy5581+OzUo1+EQ==
content-length: 1686
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 07:49:03 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 07:45:20 GMT
expires: Mon, 30 Jan 2023 09:45:20 GMT
cache-control: public, max-age=7200
age: 223
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2055
Cache-Control: max-age=149672
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:03 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 01:23:35 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.addthis.com/live/red_lojson/300lo.json?si=63d7767ac27680fd&bkl=0&bl=1&pdt=526&sid=63d7767ac27680fd&pub=ra-54b90b9e0ae52761&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=devtest.durhamworks.info&fp=wp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1675064954666&jsl=1&uvs=63d7767a8c10cdb6000&skipb=1&callback=addthis.cbs.jsonp__45895058345563820
23.38.200.123 200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63d7767ac27680fd&bkl=0&bl=1&pdt=526&sid=63d7767ac27680fd&pub=ra-54b90b9e0ae52761&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=devtest.durhamworks.info&fp=wp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1675064954666&jsl=1&uvs=63d7767a8c10cdb6000&skipb=1&callback=addthis.cbs.jsonp__45895058345563820
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 7a0509145eecda92ff7f762fbe5e9ff0
aeeedcb70dccea134f2108011ea12c4e7ffdbf54
f4c2cd2729cc04803a1a5a42b61c6ef7c7ab6004eadc58aef9260ca5004b312c
GET /live/red_lojson/300lo.json?si=63d7767ac27680fd&bkl=0&bl=1&pdt=526&sid=63d7767ac27680fd&pub=ra-54b90b9e0ae52761&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=devtest.durhamworks.info&fp=wp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1675064954666&jsl=1&uvs=63d7767a8c10cdb6000&skipb=1&callback=addthis.cbs.jsonp__45895058345563820 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 30 Jan 2023 07:49:03 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-54b90b9e0ae52761/_ate.track.config_resp
23.38.200.123 200 OK 546 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-54b90b9e0ae52761/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with very long lines (1595), with no line terminators
Hash 1a12ac45040d06c4252e0d02618aaf1d
1f5d5d65361d3a044433c3985206a6254b1e3123
7a3cc3d9dfa9a602d373774452d27dbcc9aa9b109701787466ea14cf57dd893c
GET /live/boost/ra-54b90b9e0ae52761/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 546
etag: -1035196197--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Mon, 30 Jan 2023 07:49:03 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=b6110b9a9fad65dd132b34b5f314dbb6
157.240.205.11 200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=b6110b9a9fad65dd132b34b5f314dbb6
IP 157.240.205.11:0
File type ASCII text, with very long lines (13192)
Hash ae8fd915e4672718e02d46759aaad8d0
d795ef388af2e4da8b6dddbf74a4b1f15b7526a3
85dc638bbdd1f8a64abae76810a9460d94a720cc3ed89075a1ee11c9e0a60881
GET /en_US/sdk.js?hash=b6110b9a9fad65dd132b34b5f314dbb6 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: dfdb85299d81ff899c2670eee7755992
etag: "3b20f974e162486643a10e38392630f8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 30 Jan 2024 06:01:49 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ro/ZFeRnJxjgLUZ1mqrY0A==
x-fb-debug: +2SXV3TrN2/HSFTZhBNwJ2kRU6+V8ccPZgaGhFVlyxAR8Xni/1IhsvmcJeODt2Apol5C1DtavJkQxjSzVaSHaw==
content-length: 86952
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 07:49:03 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123 200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Mon, 30 Jan 2023 07:49:04 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2751337&time=1675064954837&url=https%3A%2F%2Fdevtest.durhamworks.info%2Fwp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php
13.107.42.14 302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2751337&time=1675064954837&url=https%3A%2F%2Fdevtest.durhamworks.info%2Fwp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2751337&time=1675064954837&url=https%3A%2F%2Fdevtest.durhamworks.info%2Fwp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2751337%26time%3D1675064954837%26url%3Dhttps%253A%252F%252Fdevtest.durhamworks.info%252Fwp-wp%252FVystarCU%252Fvystarcu.org_%252Findex.php%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLOczQAG_KvfgAAAYYBpqV-sDHGWX5nrgR14ehpH3K_RxwxXVt4kj63y8fs5gqZ5-IQIjY_4bvJaA; Max-Age=2592000; Expires=Wed, 01 Mar 2023 07:49:03 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQL_8bBXgRiCEAAAAYYBpqV-_9E3rF9jcppY0LdXQFkEQt555m_ayPF-Rg1mHAPmtL_1YbKIgSDWSM8oCQCbEQ; Max-Age=2592000; Expires=Wed, 01 Mar 2023 07:49:03 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&ce9ac124-70cd-4771-8213-622a7bf41835"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 07:49:03 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2450:u=1:x=1:i=1675064944:t=1675151344:v=2:sig=AQFXsPy-dpnMEQsg4tHEJcDravBatiwl"; Expires=Tue, 31 Jan 2023 07:49:04 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzdnL2XKLIpkkm+XTC/w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 575B835A15814F62A279787A49166E96 Ref B: OSL30EDGE0509 Ref C: 2023-01-30T07:49:03Z
date: Mon, 30 Jan 2023 07:49:03 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-91265752-1&cid=1391849760.1675064955&jid=1646943423&gjid=907299687&_gid=1291158102.1675064955&_u=IEBAAEAAAAAAACAAI~&z=1947966885
64.233.165.157 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-91265752-1&cid=1391849760.1675064955&jid=1646943423&gjid=907299687&_gid=1291158102.1675064955&_u=IEBAAEAAAAAAACAAI~&z=1947966885
IP 64.233.165.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-91265752-1&cid=1391849760.1675064955&jid=1646943423&gjid=907299687&_gid=1291158102.1675064955&_u=IEBAAEAAAAAAACAAI~&z=1947966885 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://devtest.durhamworks.info
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 07:49:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f420ea1155b60c594ce4724160516c28
36181ff9653743b8f4583e6b3f3ed067f45aeb74
3b852c6ad4b55279dcfb577c70d3f7a9bbe8cd9d5ace266a6fbbaa581dceae35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5809
Cache-Control: max-age=119585
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 07:49:04 GMT
Etag: "63d68fe0-117"
Expires: Tue, 31 Jan 2023 17:02:09 GMT
Last-Modified: Sun, 29 Jan 2023 15:25:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2751337%26time%3D1675064954837%26url%3Dhttps%253A%252F%252Fdevtest.durhamworks.info%252Fwp-wp%252FVystarCU%252Fvystarcu.org_%252Findex.php%26liSync%3Dtrue
13.107.42.14 302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2751337%26time%3D1675064954837%26url%3Dhttps%253A%252F%252Fdevtest.durhamworks.info%252Fwp-wp%252FVystarCU%252Fvystarcu.org_%252Findex.php%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2751337%26time%3D1675064954837%26url%3Dhttps%253A%252F%252Fdevtest.durhamworks.info%252Fwp-wp%252FVystarCU%252Fvystarcu.org_%252Findex.php%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://devtest.durhamworks.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2751337&time=1675064954837&url=https%3A%2F%2Fdevtest.durhamworks.info%2Fwp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&fb75f8f5-1ae2-4a88-8541-4aedd1fa34f6"; Domain=.linkedin.com; Expires=Tue, 30-Jan-2024 07:49:04 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230130074904cf470bbf-032b-4ec8-8136-315e2c1cba34AQHf3B9i7yaa62g5WMJ8KSR4A_UXVfXn"; Domain=.www.linkedin.com; Expires=Tue, 30-Jan-2024 07:49:04 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzUwNjQ5NDQ7MjswMjHhEcBnpQtQt/xbVqNgPEsKEd764oXLfuqwqAeDYpZYlg==; Domain=.linkedin.com; Expires=Sat, 29 Jul 2023 07:49:04 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1675064944:t=1675151344:v=2:sig=AQF8BOevTGI7THAMqaHhWHpyVGua6_lM"; Expires=Tue, 31 Jan 2023 07:49:04 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzdnL5H/TQ9vHYUKrVLg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: DB3E8664D2D24FBD81E834110FBF4555 Ref B: OSL30EDGE0509 Ref C: 2023-01-30T07:49:04Z
date: Mon, 30 Jan 2023 07:49:03 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2751337&time=1675064954837&url=https%3A%2F%2Fdevtest.durhamworks.info%2Fwp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php&liSync=true
13.107.42.14 200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2751337&time=1675064954837&url=https%3A%2F%2Fdevtest.durhamworks.info%2Fwp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2751337&time=1675064954837&url=https%3A%2F%2Fdevtest.durhamworks.info%2Fwp-wp%2FVystarCU%2Fvystarcu.org_%2Findex.php&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://devtest.durhamworks.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&4b21f152-0646-4345-82ea-40286b1e0ed9"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 07:49:04 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1675064944:t=1675151344:v=2:sig=AQF8BOevTGI7THAMqaHhWHpyVGua6_lM"; Expires=Tue, 31 Jan 2023 07:49:04 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzdnL8JL6vOJonqNGo+Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 21478D41D56F4398979A026812F9F6A3 Ref B: OSL30EDGE0509 Ref C: 2023-01-30T07:49:04Z
date: Mon, 30 Jan 2023 07:49:03 GMT
content-length: 0
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
104.22.24.131 200 OK 63 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
IP 104.22.24.131:0
File type Unicode text, UTF-8 text, with very long lines (65464)
Hash 187020f852f4762032c86019c26c42be
21504fe3637ec30fb012abce439f4675146ef210
3347b3f139965aa5e1465470e2beb4bc6dfcf26594f185a90d42c4c678d978e5
GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:04 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79189bdf1fd5b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
188.114.99.234 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
IP 188.114.99.234:0
GET /bootstrap/3.2.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 12/13/2021 21:33:25
cdn-edgestorageid: 723
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 8a2d6f9243b4e68411354ff658d407f2
cdn-cache: HIT
cf-cache-status: HIT
age: 20514389
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79189bd83e6fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
IP 104.22.24.131:0
GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:04 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79189bdf0fc9b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
IP 104.22.24.131:0
GET /_s/v4/app/63b77dcd282/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:04 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79189bdf1fdeb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
IP 104.22.24.131:0
GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:04 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79189bdf1fd4b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
IP 104.22.24.131:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:04 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"385105148a50079bafff97e9c9476109"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79189bdf1fd8b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
160.153.245.133 200 OK 0 B URL HTTP/1.1 devtest.durhamworks.info/themes/durham-works-v1/assets/css/durhamworks.css
IP 160.153.245.133:0
ASN #21501 Host Europe GmbH
GET /themes/durham-works-v1/assets/css/durhamworks.css HTTP/1.1
Host: devtest.durhamworks.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://devtest.durhamworks.info/wp-wp/VystarCU/vystarcu.org_/index.php
Cookie: durhamworks_session=eyJpdiI6Im50NXozOXBYRWpDYmUwV0JWaDZ1Znc9PSIsInZhbHVlIjoiblwvZnV0OCsrTEJzYjdqNDVlK0x0Q2J3d3c5b3NlOWQ0S1VcL2lkQlhCM0xUMW5STWVBOXFvMXgyNXRmYkJ0aGxnYXpkVmJ3MzJlUUhvT0s5azFRUXFDQT09IiwibWFjIjoiMjk5ZWJkN2VhZWNkOWFjYjVlZTk5MzcxYjllMjE3MDFhMzAwM2Q2ZjM3NGQwMTllNDcyZDcyZmQ5NjE2M2IzMyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 07:49:03 GMT
Server: Apache
Last-Modified: Thu, 06 Jan 2022 09:19:05 GMT
Accept-Ranges: bytes
Content-Length: 41298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cdn.linkedin.oribi.io/partner/2751337/domain/devtest.durhamworks.info/token
54.230.111.112 200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/2751337/domain/devtest.durhamworks.info/token
IP 54.230.111.112:0
GET /partner/2751337/domain/devtest.durhamworks.info/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 30 Jan 2023 07:49:04 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3UvUWgH2RKjorFNr7-qydS0NwzCXdUplEDGYKt-IXrw1tFb0mD08bg==
X-Firefox-Spdy: h2
embed.tawk.to/5c38adc6361b3372892faa96/default
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/5c38adc6361b3372892faa96/default
IP 104.22.24.131:0
GET /5c38adc6361b3372892faa96/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:04 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79189bd99872b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
IP 104.22.24.131:0
GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://devtest.durhamworks.info
Connection: keep-alive
Referer: https://devtest.durhamworks.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 07:49:04 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79189bdf1fdbb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2