firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 12:04:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BElTooAYvN_dATxZt9hCN9vHeW0xIW4vZCtcybG0VvcimYtnsafr3Q==
Age: 1695
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9291
Expires: Tue, 06 Sep 2022 15:07:24 GMT
Date: Tue, 06 Sep 2022 12:32:33 GMT
Connection: keep-alive
mjaassociates.co.uk/
199.188.201.231301 Moved Permanently 707 B IP 199.188.201.231:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 06 Sep 2022 12:32:33 GMT
server: LiteSpeed
location: https://mjaassociates.co.uk/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: THLhAuBoBr3snYOmKSs3Re7irFgWpV6L9oWZs3PL2FcA9pvsxojO9w==
age: 40636
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:32:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 11:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Kt9xjfygDxyyO_F3Z41Mxaa4UYpypXYm624V10MxdWpCCyDfCZfzUQ==
Age: 3255
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9089d08621010ea83ebeb1644ffe2dea
b4b3902bf0adcb03e4ace964788700adbfde228d
e22a23c285d59ee42dd5caa77529da1ff45bb654ede1f9da797dfe58d084d2d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 12:32:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 13:53:56 GMT
Expires: Sun, 11 Sep 2022 13:53:55 GMT
Etag: "b4b3902bf0adcb03e4ace964788700adbfde228d"
Cache-Control: max-age=436281,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74673a6219c3b4f3-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1572
Cache-Control: max-age=158422
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:34 GMT
Etag: "6316ff94-1d7"
Expires: Thu, 08 Sep 2022 08:32:56 GMT
Last-Modified: Tue, 06 Sep 2022 08:06:44 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.155.157.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.157.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /Zl2z8sj5T9LHBAGhBcJgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3tfLYccOlp0Eft9LkQz8nRNLPpU=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3df811ac19fde08f49ef246c29cef161
e1c8d54b357adaf32e80427028cc884fa35959e0
e2749178e0bf0c4045a96388a58029ddd92d13a866021737864cd68e11317292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f41565238dc856269109dcc30c34c535
28517f51eb3b6cd08981afbf878446d635430741
9e314961a8fca836481ea022db365cc463bcef3b5003c63ccece611b8ff77fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&ver=6.0.2
142.250.74.164200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&ver=6.0.2
IP 142.250.74.164:0
File type ASCII text, with very long lines (909), with no line terminators
Hash 9d85868fad536a54994eb1aacba53025
1c01a472511b4d1055a639dfb5e22e425a335e35
c2d07c3e881d590c29ce402c55b5d0a1d9729587985137188b4d9daaeb121653
GET /recaptcha/api.js?onload=onloadCallback&render=explicit&ver=6.0.2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mjaassociates.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 12:32:35 GMT
date: Tue, 06 Sep 2022 12:32:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4654
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:32:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4654
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:32:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 28893
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cinzel%3Aregular%2C700%2C900&subset=latin&ver=6.0.2
142.250.74.10200 OK 7.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Cinzel%3Aregular%2C700%2C900&subset=latin&ver=6.0.2
IP 142.250.74.10:0
Hash 976f08a3fc4154a61fb12fcae1db5cf4
d1cd70758375b429b7c500df023083c6c87fa027
dd2ed92a0c2736158a0a9f41f49a2f0f3dc2bad752e126032e70159095cd95f2
GET /css?family=Cinzel%3Aregular%2C700%2C900&subset=latin&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mjaassociates.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 12:32:35 GMT
date: Tue, 06 Sep 2022 12:32:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 19b452d6541a6028e7d3f90529477077
1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:06:45 GMT
age: 51950
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 14249
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 66379
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 52355
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/dfd_icon_set/dfd_icon_set.css?ver=6.0.2
199.188.201.231200 OK 12 kB URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/dfd_icon_set/dfd_icon_set.css?ver=6.0.2
IP 199.188.201.231:0
File type ASCII text, with CR line terminators
Hash 9ab0b5e0b8afa0fd719b0b98076a805e
888600e10fc7b5a95621a03b16887bfb377355bc
7596838cd758cde9ef82a3a4bcb5d82cf80c2aaac7653f7abbe3c44e8c4a857d
GET /wp-content/themes/dfd-ronneby/assets/fonts/dfd_icon_set/dfd_icon_set.css?ver=6.0.2 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:34 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11896
date: Tue, 06 Sep 2022 12:32:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
199.188.201.231200 OK 11 kB URL HTTP/2 mjaassociates.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 199.188.201.231:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:34 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 21:11:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Tue, 06 Sep 2022 12:32:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby_child/style.css
199.188.201.231200 OK 205 B URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby_child/style.css
IP 199.188.201.231:0
Hash 8484af2a63a1e21d8549f5da24c940ee
bc417b9cd6628a89aad12b572e971a17c9ff9d6b
6ce149bed5940f33e526f9944d4b75f3f81cede96a59f588546589ef147c8077
GET /wp-content/themes/dfd-ronneby_child/style.css HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:34 GMT
content-type: text/css
last-modified: Thu, 10 Jun 2021 13:08:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 205
date: Tue, 06 Sep 2022 12:32:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/mobile-responsive.css
199.188.201.231200 OK 12 kB URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/mobile-responsive.css
IP 199.188.201.231:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5279535c0387ad99606574941b645858
7a9097a5bb000c18b1256678cb188db0e4cabf98
f5a23572605999f35b55ded9f118d5f95790a376dc6dea486ba1446e0a72a683
GET /wp-content/themes/dfd-ronneby/assets/css/mobile-responsive.css HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:34 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12278
date: Tue, 06 Sep 2022 12:32:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
199.188.201.231200 OK 4.6 kB URL HTTP/2 mjaassociates.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 199.188.201.231:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:34 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 21:13:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Tue, 06 Sep 2022 12:32:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/visual-composer.css
199.188.201.231200 OK 62 kB URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/visual-composer.css
IP 199.188.201.231:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 051472030feeb1e30feb918e2aa91268
f5bc5c2f972e90ee2edfaf585c2e1e98ecb3f309
9a4e59fedbc7f1e796289fe134d7cb8eb4e643bcfd6ad213e29abe28e789e9bc
GET /wp-content/themes/dfd-ronneby/assets/css/visual-composer.css HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:34 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 62109
date: Tue, 06 Sep 2022 12:32:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/styled-button.css
199.188.201.231200 OK 1.6 kB URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/styled-button.css
IP 199.188.201.231:0
File type ASCII text, with very long lines (14068), with no line terminators
Hash bae2b44cf08b26d9b103c7d3b94c9bb4
3312d166bf552f7f9e39dc84d9780fca1f64dfed
88863883f6b1b0a796492108b520729bcc5af067071ddb198d7e9b452508e603
GET /wp-content/themes/dfd-ronneby/assets/css/styled-button.css HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1609
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
199.188.201.231200 OK 42 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP 199.188.201.231:0
File type ASCII text, with very long lines (65358)
Hash 6d4b0d5a5a72ede7cb1b41f1888b1472
36bf958ff03d07059e93bd8388f75ba5cbf9044b
f4adbeefd0b26c8c194986bb2f09825ddad65a562ae5718de1e76d7ba653a0d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 10:13:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 42034
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
199.188.201.231200 OK 30 kB URL HTTP/2 mjaassociates.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 199.188.201.231:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 21:13:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
199.188.201.231200 OK 4.0 kB URL HTTP/2 mjaassociates.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 199.188.201.231:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 21:13:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2021/07/DarkLogo.png
199.188.201.231200 OK 3.8 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2021/07/DarkLogo.png
IP 199.188.201.231:0
File type PNG image data, 198 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash a53f7af13045cf02391b78af53f705e7
0382ec9db3d2323c89c826606ff3758d308aabd4
e5584f72cbd586819b4c7f78105caacd55a25878ebbb37018e385e32df584d03
GET /wp-content/uploads/2021/07/DarkLogo.png HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/png
last-modified: Thu, 29 Jul 2021 11:57:34 GMT
accept-ranges: bytes
content-length: 3787
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/assets/dummy.png
199.188.201.231200 OK 68 B URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 199.188.201.231:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/png
last-modified: Fri, 01 Jul 2022 16:28:29 GMT
accept-ranges: bytes
content-length: 68
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2021/07/LightLogo.png
199.188.201.231200 OK 3.7 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2021/07/LightLogo.png
IP 199.188.201.231:0
File type PNG image data, 198 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash aaf271cf35e8ebc61049154dcfe082bb
555b94840ead543819106065fc995107256d92f5
30f9df09428bad507e4e74625a6c5cd5b04208be598f26adcd0ced74276e95e9
GET /wp-content/uploads/2021/07/LightLogo.png HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/png
last-modified: Thu, 29 Jul 2021 11:58:01 GMT
accept-ranges: bytes
content-length: 3703
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.163200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mjaassociates.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:13:12 GMT
expires: Tue, 05 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 55166
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/greatvibes/v14/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
142.250.74.163200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/greatvibes/v14/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 33404, version 1.0\012- data
Hash ef83fe0e20f5e349121b341d29883015
7e9f91f6973f92ed81f26279b0cd800033b36c83
553fd833571d149d17f3dfd32a4d92422431dc852be5b1af1576b2298c65c4d3
GET /s/greatvibes/v14/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mjaassociates.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 17:17:03 GMT
expires: Fri, 01 Sep 2023 17:17:03 GMT
cache-control: public, max-age=31536000
age: 414935
last-modified: Thu, 21 Apr 2022 16:28:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cinzel/v19/8vIJ7ww63mVu7gt79mT7.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/cinzel/v19/8vIJ7ww63mVu7gt79mT7.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24880, version 1.0\012- data
Hash 60337f4929e607883108c207a551f3c4
a362b7463f901e670973729b259f8c39a9cbf23c
5dc3de1acae3f4da0c269de47f720023720ab9ca0b84e61be6d57e1481a9e224
GET /s/cinzel/v19/8vIJ7ww63mVu7gt79mT7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mjaassociates.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 07:03:51 GMT
expires: Fri, 01 Sep 2023 07:03:51 GMT
cache-control: public, max-age=31536000
age: 451727
last-modified: Fri, 24 Jun 2022 18:49:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20452, version 1.0\012- data
Hash 748e4474d6c6b46abba5a50f0a986152
575fd87ae9167d233d8c024ade8544d09c1b9eef
722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193
GET /s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mjaassociates.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 22:36:56 GMT
expires: Wed, 30 Aug 2023 22:36:56 GMT
cache-control: public, max-age=31536000
age: 568542
last-modified: Tue, 19 Apr 2022 19:27:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
142.250.74.163200 OK 49 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 48620, version 1.0\012- data
Hash 8b3f45fbebe40f151e3bdadf9062f2c6
d4b9145fb8346c6442cc946bc25da699dd035e0e
4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc
GET /s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mjaassociates.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 00:36:42 GMT
expires: Wed, 06 Sep 2023 00:36:42 GMT
cache-control: public, max-age=31536000
age: 42956
last-modified: Mon, 18 Jul 2022 19:45:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:32:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22476, version 1.0\012- data
Hash c221fd7b9d189773de5e54745a6dc28c
9a58a6bd08f6cda6acbfaaa160375d3e1c5c93f0
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
GET /s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mjaassociates.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 22:34:11 GMT
expires: Wed, 30 Aug 2023 22:34:11 GMT
cache-control: public, max-age=31536000
age: 568707
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rnbtheme.com/twenty_two/wp-content/uploads/2017/04/soomka.jpg?id=35
212.83.166.133301 Moved Permanently 162 B URL HTTP/1.1 rnbtheme.com/twenty_two/wp-content/uploads/2017/04/soomka.jpg?id=35
IP 212.83.166.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /twenty_two/wp-content/uploads/2017/04/soomka.jpg?id=35 HTTP/1.1
Host: rnbtheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 12:32:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://rnbtheme.com:443/twenty_two/wp-content/uploads/2017/04/soomka.jpg?id=35
rnbtheme.com/twenty_two/wp-content/uploads/2017/04/pencil_bg.jpg?id=84
212.83.166.133301 Moved Permanently 162 B URL HTTP/1.1 rnbtheme.com/twenty_two/wp-content/uploads/2017/04/pencil_bg.jpg?id=84
IP 212.83.166.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /twenty_two/wp-content/uploads/2017/04/pencil_bg.jpg?id=84 HTTP/1.1
Host: rnbtheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 12:32:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://rnbtheme.com:443/twenty_two/wp-content/uploads/2017/04/pencil_bg.jpg?id=84
rnbtheme.com/twenty_two/wp-content/uploads/2017/04/phone_man.jpg?id=57
212.83.166.133301 Moved Permanently 162 B URL HTTP/1.1 rnbtheme.com/twenty_two/wp-content/uploads/2017/04/phone_man.jpg?id=57
IP 212.83.166.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /twenty_two/wp-content/uploads/2017/04/phone_man.jpg?id=57 HTTP/1.1
Host: rnbtheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 12:32:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://rnbtheme.com:443/twenty_two/wp-content/uploads/2017/04/phone_man.jpg?id=57
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a7ac600b85681aa501e2a48efc9361dd
5057da5a04ea24ce509eec44405718648832aafd
3f57b051668802dde616354a848b974ca0a6560a076286057479e855784d7b6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F57B051668802DDE616354A848B974CA0A6560A076286057479E855784D7B6D"
Last-Modified: Sun, 04 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15428
Expires: Tue, 06 Sep 2022 16:49:46 GMT
Date: Tue, 06 Sep 2022 12:32:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a7ac600b85681aa501e2a48efc9361dd
5057da5a04ea24ce509eec44405718648832aafd
3f57b051668802dde616354a848b974ca0a6560a076286057479e855784d7b6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F57B051668802DDE616354A848B974CA0A6560A076286057479E855784D7B6D"
Last-Modified: Sun, 04 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15428
Expires: Tue, 06 Sep 2022 16:49:46 GMT
Date: Tue, 06 Sep 2022 12:32:38 GMT
Connection: keep-alive
rnbtheme.com/twenty_two/wp-content/uploads/2017/04/soomka.jpg?id=35
212.83.166.133200 OK 22 kB URL HTTP/1.1 rnbtheme.com/twenty_two/wp-content/uploads/2017/04/soomka.jpg?id=35
IP 212.83.166.133:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1115, components 3\012- data
Hash a5676e1a350037a885569ba666ce531a
ef967588f28576b8946c3c7f82b2a2826fa91937
69c4bec5408aacff8a2deb59bb618ab3a1faf26861d7a5303c26ee6b3cca287c
GET /twenty_two/wp-content/uploads/2017/04/soomka.jpg?id=35 HTTP/1.1
Host: rnbtheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:32:38 GMT
Content-Type: image/jpeg
Content-Length: 21954
Last-Modified: Wed, 23 Aug 2017 11:10:12 GMT
Connection: keep-alive
ETag: "599d6294-55c2"
Expires: Thu, 06 Oct 2022 12:32:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rnbtheme.com/twenty_two/wp-content/uploads/2017/04/phone_man.jpg?id=57
212.83.166.133200 OK 27 kB URL HTTP/1.1 rnbtheme.com/twenty_two/wp-content/uploads/2017/04/phone_man.jpg?id=57
IP 212.83.166.133:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1115, components 3\012- data
Hash 988870f3666bbf7cd8cd7d46bf47489c
dd4f59ebd3b56ff9e508649ae66c30ac970887a3
d436b27ef39447c73321ba24bf1266191dde535f6ac7599224119022100cdbc3
GET /twenty_two/wp-content/uploads/2017/04/phone_man.jpg?id=57 HTTP/1.1
Host: rnbtheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:32:38 GMT
Content-Type: image/jpeg
Content-Length: 26655
Last-Modified: Wed, 23 Aug 2017 11:10:12 GMT
Connection: keep-alive
ETag: "599d6294-681f"
Expires: Thu, 06 Oct 2022 12:32:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rnbtheme.com/twenty_two/wp-content/uploads/2017/04/pencil_bg.jpg?id=84
212.83.166.133200 OK 20 kB URL HTTP/1.1 rnbtheme.com/twenty_two/wp-content/uploads/2017/04/pencil_bg.jpg?id=84
IP 212.83.166.133:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x965, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 419154481905664.000000\012- data
Hash 8005682bbcb9dbcb7637e3db5dd8974d
ee9efa4f6676c10a1a4ffb8a6be232f4450a3c9d
9cfd0edda14f949d2345ae71efe81ed2377361a7c75b359a86a07c44924ec39a
GET /twenty_two/wp-content/uploads/2017/04/pencil_bg.jpg?id=84 HTTP/1.1
Host: rnbtheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:32:38 GMT
Content-Type: image/jpeg
Content-Length: 19836
Last-Modified: Wed, 23 Aug 2017 11:10:12 GMT
Connection: keep-alive
ETag: "599d6294-4d7c"
Expires: Thu, 06 Oct 2022 12:32:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mjaassociates.co.uk/wp-content/uploads/2022/07/woman_think.jpg
199.188.201.231200 OK 21 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2022/07/woman_think.jpg
IP 199.188.201.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 379x253, components 3\012- data
Hash 4d07e02387444526f721f92d78dfd005
07839ccdca74b74d2e9cecbaec5b3e926601bb3b
573230060f38ca8aa435ad691e5404a0b400894f14ec960be18e2f50547b39c2
GET /wp-content/uploads/2022/07/woman_think.jpg HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/jpeg
last-modified: Fri, 01 Jul 2022 12:28:39 GMT
accept-ranges: bytes
content-length: 20597
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2022/07/planning.jpg
199.188.201.231200 OK 36 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2022/07/planning.jpg
IP 199.188.201.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 379x253, components 3\012- data
Hash 64c29c485ba54f1a74f3fab2aae1e144
2f03a539b50f8795eadd7619210757c03bb51936
94bc94adc0935f2c6dba62d5b15416e8d443447c9a14732df6a6a5efab5ee082
GET /wp-content/uploads/2022/07/planning.jpg HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/jpeg
last-modified: Fri, 01 Jul 2022 12:28:46 GMT
accept-ranges: bytes
content-length: 35583
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2022/07/wom2-80x80-1-80x80.jpg
199.188.201.231200 OK 1.8 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2022/07/wom2-80x80-1-80x80.jpg
IP 199.188.201.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 5c7a671da098154dcdc871adccd26fe3
86bb1eef0234d64ea46e85a7d2272aed1f8ff4f7
b4b350697447a65e7cd1b6103101a32a11a90a8caf0b4449bde85229af6e38e1
GET /wp-content/uploads/2022/07/wom2-80x80-1-80x80.jpg HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/jpeg
last-modified: Fri, 01 Jul 2022 13:02:01 GMT
accept-ranges: bytes
content-length: 1842
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2022/07/man1-80x80-1-80x80.jpg
199.188.201.231200 OK 1.9 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2022/07/man1-80x80-1-80x80.jpg
IP 199.188.201.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 218b400ea41793184c96219b42ce66cd
e8776f8c11d7bef3dcc81b493bbb372faa90569d
ae7475237e32b58c6fd26776b1a033ceb91ab057cb7ffcb8aaa91678ece59d4b
GET /wp-content/uploads/2022/07/man1-80x80-1-80x80.jpg HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/jpeg
last-modified: Fri, 01 Jul 2022 13:02:01 GMT
accept-ranges: bytes
content-length: 1886
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
199.188.201.231200 OK 7.5 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 199.188.201.231:0
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: font/woff
last-modified: Fri, 01 Jul 2022 16:28:29 GMT
accept-ranges: bytes
content-length: 7536
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/ronneby-core//inc/vc_custom/user_form/assets/css/jquery-ui-1.11.4.custom/jquery-ui.min.css?ver=6.0.2
199.188.201.231200 OK 3.3 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/ronneby-core//inc/vc_custom/user_form/assets/css/jquery-ui-1.11.4.custom/jquery-ui.min.css?ver=6.0.2
IP 199.188.201.231:0
File type ASCII text, with very long lines (17400), with CRLF line terminators
Hash 795d683dd7aeda4d7bb46841abdf53b2
cf74acca8565c24e7e607bc644b5e5413c375176
8aac4da55a1c25b5b7e35a30e58eef8ea34080a02c0b11cd49c8c31844a9de64
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ronneby-core//inc/vc_custom/user_form/assets/css/jquery-ui-1.11.4.custom/jquery-ui.min.css?ver=6.0.2 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 10:13:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3252
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
199.188.201.231200 OK 5.7 kB URL HTTP/2 mjaassociates.co.uk/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 199.188.201.231:0
File type ASCII text, with very long lines (16109), with no line terminators
Hash 6687910f2f31618bc2b3772b2d7ce77b
3b5ab3572c57dbe3fb274ca85ea8ad6156052daf
f78e26de908c858c29cdf8851ceae6d1609bd41f35505c2136300f00e729a93c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 21:13:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5702
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
199.188.201.231200 OK 10 kB URL HTTP/2 mjaassociates.co.uk/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 199.188.201.231:0
File type ASCII text, with very long lines (36560)
Hash 6a3abc4777f2019e8a4a56ef15fad918
f9a62dfb1c9a97a5339cb908c38bbe4e41e925d1
3dbaeb84eedb9802084c31f8f2962282fe36d32e7b6f9f36115aba450230cb0c
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 21:13:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10499
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.25
199.188.201.231200 OK 12 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.25
IP 199.188.201.231:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 321bfaa421b4c110fd9f5cbdcbd0e935
9d35d9a77eeeb902bb7322960d989df003751866
fd87ba70ff28ac7d086520cd83505af88c9fd280edda2d2f4f89ae1e8acabe46
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.25 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 16:28:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11987
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/ronneby-core//inc/vc_custom/user_form/assets/js/contact_form.js
199.188.201.231200 OK 2.8 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/ronneby-core//inc/vc_custom/user_form/assets/js/contact_form.js
IP 199.188.201.231:0
File type ASCII text, with very long lines (1789), with CRLF line terminators
Hash 68821e72c7a55d95273eee105c56c70c
9d70bfdeb26d3e0e6c3c5c281584bbca1643a380
1a099500a163d00f6cb17694685b00dc6e90006d1d000be547332051bb5b067a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ronneby-core//inc/vc_custom/user_form/assets/js/contact_form.js HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 10:13:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2821
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
199.188.201.231200 OK 6.4 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 199.188.201.231:0
File type ASCII text, with very long lines (21885)
Hash 12ce6455cdad827694ef9f664289df77
46263ea1604342a6ddc8d9869ff0df07a4c6d98a
ddd18c9991c67107d99550781f66b1ab1f5e373bd444c22d62e25aa6906ffb81
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 10:13:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6383
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
199.188.201.231200 OK 6.6 kB URL HTTP/2 mjaassociates.co.uk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 199.188.201.231:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 21:13:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6637
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2022/07/bobi.jpg
199.188.201.231200 OK 28 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2022/07/bobi.jpg
IP 199.188.201.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 379x253, components 3\012- data
Hash 98f2f03f64bd21835f68f7ee5b89f5ac
6f46b115e2cbc0bae0239f89f519a006385924a1
4b821f00bc7526d3b5657df4ad28c5f28d292d7163d32bc9d9907ba96e324287
GET /wp-content/uploads/2022/07/bobi.jpg HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/jpeg
last-modified: Fri, 01 Jul 2022 12:28:55 GMT
accept-ranges: bytes
content-length: 27751
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2022/07/Businessman_boeder.png
199.188.201.231200 OK 81 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2022/07/Businessman_boeder.png
IP 199.188.201.231:0
File type PNG image data, 667 x 645, 8-bit colormap, non-interlaced\012- data
Hash 1bc1d365a60242d67aed49e4ba37b8ef
d732e65416d0c8706f452e4152407afd35d739f4
9564458db6cd6fb87061e7b4b0caa021569077e8444bcb143c5d23505e2f849e
GET /wp-content/uploads/2022/07/Businessman_boeder.png HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: image/png
last-modified: Fri, 01 Jul 2022 12:24:36 GMT
accept-ranges: bytes
content-length: 80995
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
199.188.201.231200 OK 48 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 199.188.201.231:0
File type ASCII text, with very long lines (45108), with CRLF line terminators
Hash 2aac8017157a6a73a417059987903480
5da32b2834f55fccf13c394ad32a93099fa12506
f97d494026469f8e8d6bc6e70c1eeaeeeb3111abf3ffb2d22930e79467132fbe
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 16:28:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 48207
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.25
199.188.201.231200 OK 99 kB URL HTTP/2 mjaassociates.co.uk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.25
IP 199.188.201.231:0
File type ASCII text, with very long lines (64288)
Hash 73c03cd7e8b19e2d38df81bfa7800def
c0fed01c57008d9216cd9f68fe41a56e660d7260
d059c05eb0e668c751f61133f0431e6be005e3d130133598c40e89f4e2a9bb38
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.25 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 16:28:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 98655
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/texgyreadventor-regular-webfont.woff2
199.188.201.231200 OK 19 kB URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/texgyreadventor-regular-webfont.woff2
IP 199.188.201.231:0
File type Web Open Font Format (Version 2), TrueType, length 19020, version 2.196\012- data
Hash f6f922faab4b5ffdb54ccd30543d9dba
36e8f5ffe3ba96df0c3cafeffc2f5922f620df36
72a0599bc3100f4036770719e8e6a6de6cdc3881838cec384b1f7c7011f0374e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dfd-ronneby/assets/fonts/texgyreadventor-regular-webfont.woff2 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/app.css
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:38 GMT
content-type: font/woff2
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-length: 19020
date: Tue, 06 Sep 2022 12:32:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/fontello.woff?2586346
199.188.201.231200 OK 3.0 kB URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/fontello.woff?2586346
IP 199.188.201.231:0
File type Web Open Font Format, TrueType, length 3032, version 1.0\012- data
Hash bce14a7401e228c6b5252fbfa442ceca
de70301d9b3c65fe737d859a6a31a4d187d98108
676cbab8d3501dfa1accebe5952d21a380df7b5dfc6dc886a70364ce56b21194
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dfd-ronneby/assets/fonts/fontello.woff?2586346 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/app.css
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:38 GMT
content-type: font/woff
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-length: 3032
date: Tue, 06 Sep 2022 12:32:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/dfd-added-font-icon.ttf?uwi5vc
199.188.201.231200 OK 14 kB URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/fonts/dfd-added-font-icon.ttf?uwi5vc
IP 199.188.201.231:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, dfd-added-font-icon\012- data
Hash d4e4725bb248f858374ec8572b6bd326
6f830ab627051b02e8277af0fe98b859c39fce78
3225dc06dda4717cca73b8118f028881019a7ba76773b5f6e48c1f8aaf96af50
GET /wp-content/themes/dfd-ronneby/assets/fonts/dfd-added-font-icon.ttf?uwi5vc HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/app.css
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:38 GMT
content-type: font/ttf
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-length: 14320
date: Tue, 06 Sep 2022 12:32:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/revslider/gfonts/great-vibes/great-vibes-400.woff2
199.188.201.231200 OK 65 kB URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/revslider/gfonts/great-vibes/great-vibes-400.woff2
IP 199.188.201.231:0
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash f6a78180f8a5919877e1801c7ec24545
59357fb529a9b8b961e597b74737de428b579bfd
4b45d6dc100b854486e3110b1961b7d07f64333991b3fcf8b7d4643fa7b2b9bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/revslider/gfonts/great-vibes/great-vibes-400.woff2 HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:38 GMT
content-type: font/woff2
last-modified: Fri, 01 Jul 2022 17:09:53 GMT
accept-ranges: bytes
content-length: 65412
date: Tue, 06 Sep 2022 12:32:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP 142.250.74.163:0
File type HTML document, ASCII text, with very long lines (579)
Size 158 kB (158056 bytes)
Hash d63a69f898e1d00cfc7c871744ded8c4
e166540eccb571c95c8c1135c2168cf5df306991
ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mjaassociates.co.uk
Connection: keep-alive
Referer: https://mjaassociates.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 21:31:14 GMT
expires: Sat, 02 Sep 2023 21:31:14 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
age: 313287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rnbtheme.com/twenty_two/wp-content/themes/ronneby/assets/img/favicon/favicon.ico
212.83.166.133301 Moved Permanently 162 B URL HTTP/1.1 rnbtheme.com/twenty_two/wp-content/themes/ronneby/assets/img/favicon/favicon.ico
IP 212.83.166.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /twenty_two/wp-content/themes/ronneby/assets/img/favicon/favicon.ico HTTP/1.1
Host: rnbtheme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 12:32:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://rnbtheme.com:443/twenty_two/wp-content/themes/ronneby/assets/img/favicon/favicon.ico
mjaassociates.co.uk/
199.188.201.231200 OK 0 B IP 199.188.201.231:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
set-cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
link: <https://mjaassociates.co.uk/wp-json/>; rel="https://api.w.org/", <https://mjaassociates.co.uk/wp-json/wp/v2/pages/60>; rel="alternate"; type="application/json", <https://mjaassociates.co.uk/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 12:32:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic%7CDroid%20Serif:400,700,400italic,700italic%7CCinzel:400,700,900%7CGreat%20Vibes:400&subset=latin-ext,latin&display=swap&ver=1661608843
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic%7CDroid%20Serif:400,700,400italic,700italic%7CCinzel:400,700,900%7CGreat%20Vibes:400&subset=latin-ext,latin&display=swap&ver=1661608843
IP 142.250.74.10:0
GET /css?family=Raleway:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic%7CDroid%20Serif:400,700,400italic,700italic%7CCinzel:400,700,900%7CGreat%20Vibes:400&subset=latin-ext,latin&display=swap&ver=1661608843 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mjaassociates.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 12:32:35 GMT
date: Tue, 06 Sep 2022 12:32:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/uploads/2022/07/people_22.jpg
199.188.201.231200 OK 0 B URL HTTP/2 mjaassociates.co.uk/wp-content/uploads/2022/07/people_22.jpg
IP 199.188.201.231:0
GET /wp-content/uploads/2022/07/people_22.jpg HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:41 GMT
content-type: image/jpeg
last-modified: Fri, 01 Jul 2022 12:46:05 GMT
accept-ranges: bytes
content-length: 166784
date: Tue, 06 Sep 2022 12:32:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/js_pub/compresed.min.js
199.188.201.231200 OK 0 B URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/js_pub/compresed.min.js
IP 199.188.201.231:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dfd-ronneby/assets/js_pub/compresed.min.js HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:35 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 116041
date: Tue, 06 Sep 2022 12:32:35 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/app.css
199.188.201.231200 OK 0 B URL HTTP/2 mjaassociates.co.uk/wp-content/themes/dfd-ronneby/assets/css/app.css
IP 199.188.201.231:0
GET /wp-content/themes/dfd-ronneby/assets/css/app.css HTTP/1.1
Host: mjaassociates.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mjaassociates.co.uk/
Connection: keep-alive
Cookie: PHPSESSID=b3fc9b4fb4959396254388bd2bb9cbef
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 12:32:34 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 11:58:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 12:32:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2