r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8728
Expires: Tue, 29 Nov 2022 01:18:18 GMT
Date: Mon, 28 Nov 2022 22:52:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9414
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Mon, 28 Nov 2022 22:52:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2206
Cache-Control: max-age=130517
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:50 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:08:07 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 635
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 22:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1997
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash a16aa3a13442abaff371333f4bc50a4e
858530df75d4e580546f61b01f90590633924d2d
8e86271564cfb475d858dec66077879101cc2e253b6f6912a35547ec05f94aad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:52:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:41:48 GMT
Expires: Sun, 04 Dec 2022 11:41:47 GMT
Etag: "858530df75d4e580546f61b01f90590633924d2d"
Cache-Control: max-age=477536,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716ad225da8b4f9-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 22:08:55 GMT
cache-control: public,max-age=3600
age: 2636
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2261
Cache-Control: max-age=125505
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:51 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:44:36 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6b4620c230107c4a41a550936ae73d30
41c55d76d7fec5f9e9b6b41c63be76039ab51d7b
84323dcb2bf41d37624d351e7102832e267b2af6772e06575f52012d510ebacb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4946
Cache-Control: max-age=120652
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:51 GMT
Etag: "63845cbd-116"
Expires: Wed, 30 Nov 2022 08:23:43 GMT
Last-Modified: Mon, 28 Nov 2022 07:01:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37 200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.officialnd.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
66.29.146.22 200 OK 537 B URL HTTP/2 www.officialnd.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP 66.29.146.22:0
Hash 912417e2f1dc528315cd897c614a4728
b1a691de86c05ef439850bf18cc5747b1c777d0a
ff745eec876a0fe33c5b164e90a1196970ee2c5ce79a269002d6b928b993f469
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:08 GMT
content-type: text/css
last-modified: Tue, 01 Nov 2022 15:37:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 537
date: Mon, 28 Nov 2022 22:52:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.officialnd.com/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
66.29.146.22 200 OK 8.8 kB URL HTTP/2 www.officialnd.com/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
IP 66.29.146.22:0
File type ASCII text, with very long lines (739)
Hash b4588be584fdfc6f3c8997ce49940a0f
f1b50682d29aa349889fea0469a12ed31deb25cb
c609f96251492512f62d975430d7d977a812b78031dad2797d12dbdf34d562db
GET /wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2 HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:08 GMT
content-type: text/css
last-modified: Tue, 01 Nov 2022 14:08:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8842
date: Mon, 28 Nov 2022 22:52:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.officialnd.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
66.29.146.22 200 OK 6.7 kB URL HTTP/2 www.officialnd.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
IP 66.29.146.22:0
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
GET /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:08 GMT
content-type: text/css
last-modified: Tue, 01 Nov 2022 14:08:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Mon, 28 Nov 2022 22:52:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.officialnd.com/wp-content/plugins/mango-buttons/public/style/mb-button.css?ver=1.2.9
66.29.146.22 200 OK 1.2 kB URL HTTP/2 www.officialnd.com/wp-content/plugins/mango-buttons/public/style/mb-button.css?ver=1.2.9
IP 66.29.146.22:0
Hash 41ea2be1c36e1072c97749245b63af65
364780ea2ef694eac94d8956878f37ac3254e018
fb57074e16a397f4dbd4f15a5e5350fdd9f209ba432cbe737362cdc5a649a4ac
GET /wp-content/plugins/mango-buttons/public/style/mb-button.css?ver=1.2.9 HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:08 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 03:12:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1162
date: Mon, 28 Nov 2022 22:52:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37 200 OK 31 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash 516b8eeec753644c36caed02fa772f64
f649469b7076d28d98012226b67c6784c83774d4
e25632c803fb07736dfe1fcbb1f85f90811e6cee465edaa237b5b2d33d73ca8d
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-Y0TGQ6KH7Q
142.250.74.168 200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-Y0TGQ6KH7Q
IP 142.250.74.168:0
File type ASCII text, with very long lines (25492)
Hash 036b2320d6f0229d4f7fc3e8eb5f3d3e
24c5ee87324303b6fbee75ace87713cad5de9019
2e4e1d0d0051defd148144d2ca9d0765518a4a086e921d733c361e4127f46b5e
GET /gtag/js?id=G-Y0TGQ6KH7Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 22:52:51 GMT
expires: Mon, 28 Nov 2022 22:52:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.officialnd.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
66.29.146.22 200 OK 316 B URL HTTP/2 www.officialnd.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1
IP 66.29.146.22:0
Hash 98562a00d396f4e497bd060365515379
b6e09dd87b22b6a7293551423b3e318d4a504ada
da6c3b5ec1baea8dfefe9a30abfa3ee6ba64464cb5ff44856d0704fb45323d40
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.1 HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:08 GMT
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 15:37:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 316
date: Mon, 28 Nov 2022 22:52:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.officialnd.com/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
66.29.146.22 200 OK 11 kB URL HTTP/2 www.officialnd.com/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
IP 66.29.146.22:0
File type ASCII text, with very long lines (21960)
Hash 2eadad08e686f6256300f68abbc9e781
79d828e10925973c9d60cc8465971233e0abdbba
11bc9f9824f106fcd705a41ffad0ec8ab8d6515ee403b9b0e4de85545acbcea7
GET /wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2 HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:08 GMT
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 14:08:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11268
date: Mon, 28 Nov 2022 22:52:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.officialnd.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.2.1
66.29.146.22 200 OK 918 B URL HTTP/2 www.officialnd.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.2.1
IP 66.29.146.22:0
Hash ff98a2d5f2f2ad26eb5e4ac74aa9702b
83bf52f910c78babbe737914acc7e36a8b0f35df
9158326d8570a2ac4ecf0d34c7befd54bb857a0c139a3e19dd19bf894642ec89
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.2.1 HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:07 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 18:48:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 918
date: Mon, 28 Nov 2022 22:52:07 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.officialnd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
66.29.146.22 200 OK 4.6 kB URL HTTP/2 www.officialnd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 66.29.146.22:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 22:52:07 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Mon, 28 Nov 2022 22:52:07 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
100.20.30.105 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qRFKtJ2Ob5Hb613QOB7OGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XS0F/IFJdki0MCvXGTOb8GDipiU=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 417026ffcf017bb63ec97c8422595242
db286af6e87434de4a8201c7ad609903844c61d9
8f233b2cfb7372dbc20740aca75a14a438fbd608989f7aa51aab13dbad874938
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F233B2CFB7372DBC20740ACA75A14A438FBD608989F7AA51AAB13DBAD874938"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3373
Expires: Mon, 28 Nov 2022 23:49:05 GMT
Date: Mon, 28 Nov 2022 22:52:52 GMT
Connection: keep-alive
phoosi.com/wp-content/uploads/2022/06/2-44.jpg
191.96.56.201 200 OK 6.6 kB URL HTTP/2 phoosi.com/wp-content/uploads/2022/06/2-44.jpg
IP 191.96.56.201:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 612x350, components 3\012- data
Hash 8e6bcc971d1d779dbcdb68c722ca72a9
a36915d3c5656427ab5f6bc113a180160016e41c
30cbfe30d1fb4ed11d8dce1d9beae05e1c904ab7ea512f4281ef270ad9bb2a6b
GET /wp-content/uploads/2022/06/2-44.jpg HTTP/1.1
Host: phoosi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Tue, 28 Nov 2023 22:52:52 GMT
content-type: image/jpeg
last-modified: Sat, 25 Jun 2022 09:36:14 GMT
accept-ranges: bytes
content-length: 6551
date: Mon, 28 Nov 2022 22:52:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
pl16977271.highperformancecpmgate.com/83/ae/aa/83aeaa6b3377a47861dd648f772d716c.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 pl16977271.highperformancecpmgate.com/83/ae/aa/83aeaa6b3377a47861dd648f772d716c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash a8e398dd6db96339a041e31b2dc8c4fc
8a69c8f0ae66f2d6ac58e00f091cd196c4c31d90
4fffa7d4bb401235614d1d078984def32d72adc50d542564c5c401d44c0d38be
Analyzer Verdict Alert quad9 Sinkholed
GET /83/ae/aa/83aeaa6b3377a47861dd648f772d716c.js HTTP/1.1
Host: pl16977271.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 22:52:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a050172fa9d803afd8ef86c9ada31fc5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
192.0.77.37 200 OK 1.7 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (2946)
Hash a61d5ee76218981b21353bf83f7624c7
4df8502f1e93e98db466c466b3fa295a643d0d36
7a480796b9c459bacfea4951ef3d2bace7c99d442498f97430f1475e841d6066
GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8323
Expires: Tue, 29 Nov 2022 01:11:35 GMT
Date: Mon, 28 Nov 2022 22:52:52 GMT
Connection: keep-alive
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 407401
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140137
Date: Mon, 28 Nov 2022 22:52:52 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 13:48:29 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jDb3QUXzbSaF2r1SHtHpAwtWWRD21vV1GglMn7RJnUvuwZkcEXv85Q==
Age: 1047
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=4.3.0
104.18.11.207 200 OK 5.4 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=4.3.0
IP 104.18.11.207:0
File type ASCII text, with very long lines (23577)
Hash 3d4c8902bff0f20c09d0a1588ce59aca
a7694b2fd88668acdb744d12da74498e6d7bedca
cdbe6432f74adc6f8c98d0d827771b46d2b6803a4e176b3e8e5f51af34049b91
GET /font-awesome/4.3.0/css/font-awesome.min.css?ver=4.3.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f4e260a1f051a51bf706bf42d8bf3299
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 5297118
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7716ad270836b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8323
Expires: Tue, 29 Nov 2022 01:11:35 GMT
Date: Mon, 28 Nov 2022 22:52:52 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-Y0TGQ6KH7Q&gtm=2oeb90&_p=1923557931&cid=1411466859.1669675971&ul=en-us&sr=1280x1024&_s=1&sid=1669675971&sct=1&seg=0&dl=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&dt=Cole%20%26%20Van%20Note%20Announces%20Johnson%20County%20Data%20Breach%20Investigation%20%C2%BB%20officialnd%20%E2%80%93%20OfficialND&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Y0TGQ6KH7Q&gtm=2oeb90&_p=1923557931&cid=1411466859.1669675971&ul=en-us&sr=1280x1024&_s=1&sid=1669675971&sct=1&seg=0&dl=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&dt=Cole%20%26%20Van%20Note%20Announces%20Johnson%20County%20Data%20Breach%20Investigation%20%C2%BB%20officialnd%20%E2%80%93%20OfficialND&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y0TGQ6KH7Q&gtm=2oeb90&_p=1923557931&cid=1411466859.1669675971&ul=en-us&sr=1280x1024&_s=1&sid=1669675971&sct=1&seg=0&dl=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&dt=Cole%20%26%20Van%20Note%20Announces%20Johnson%20County%20Data%20Breach%20Investigation%20%C2%BB%20officialnd%20%E2%80%93%20OfficialND&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.officialnd.com
date: Mon, 28 Nov 2022 22:52:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ecf9d0f97eecb3d4bf9d89c6470ca33
c44c7b8f173243a226f6b747c73d16c7880c82f3
bcf459d144029c2f585741de7d15019a4622856bc34feeffa76615ed59db6c4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCF459D144029C2F585741DE7D15019A4622856BC34FEEFFA76615ED59DB6C4E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17030
Expires: Tue, 29 Nov 2022 03:36:42 GMT
Date: Mon, 28 Nov 2022 22:52:52 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
142.250.74.10 200 OK 11 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
IP 142.250.74.10:0
File type ASCII text, with very long lines (26984)
Hash 404e22f4c5fb17ba201dece040f140d6
cd51e214f1c8d56507a2c205bba1708e9f41d6bd
28dd026296e80cdbc9bed03c958f71575c3393426d8ea2067d926b58976abef4
GET /css?family=Open+Sans:400,400italic,700,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 22:52:51 GMT
date: Mon, 28 Nov 2022 22:52:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=211968167&post=37705&tz=5&srv=www.officialnd.com&j=1%3A11.5.1&host=www.officialnd.com&ref=&fcp=1931&rand=0.16967945628137548
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=211968167&post=37705&tz=5&srv=www.officialnd.com&j=1%3A11.5.1&host=www.officialnd.com&ref=&fcp=1931&rand=0.16967945628137548
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=211968167&post=37705&tz=5&srv=www.officialnd.com&j=1%3A11.5.1&host=www.officialnd.com&ref=&fcp=1931&rand=0.16967945628137548 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:53 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f6cfc2d928d16436d2d2ba14743e7f72
8a0b8be6b23cba807fd44351fe683d51c49256da
080b151b35f2301d20d54eb684426139a6c97bb950a0441875559c151b81d74c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91935
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:53 GMT
Etag: "6383ffe4-117"
Expires: Wed, 30 Nov 2022 00:25:08 GMT
Last-Modified: Mon, 28 Nov 2022 00:25:08 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5e8c2d94ac5837e396de5c60fa58e2bd
6ad5f0c7312230ca7eb2cd4d61e0a4c5565bc97e
fb8583076a68608096bb19db1931a1fd12e4863206cf2fa55599f251c3d27a6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=159244
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:52:53 GMT
Etag: "638506d1-117"
Expires: Wed, 30 Nov 2022 19:06:57 GMT
Last-Modified: Mon, 28 Nov 2022 19:06:57 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8755
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:52:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8755
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:52:53 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C700&ver=6.1.1
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C700&ver=6.1.1
IP 142.250.74.10:0
Hash 1340360b5af853930919056fef3f6913
eff51fab4b450a47ea1eda66ebfadb69110e5381
c5d803f9ed9dda7676a07420e4634a7691b3bb593f38e13077f085a61057dd2a
GET /css?family=Open+Sans%3A400%2C300%2C700&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 22:52:51 GMT
date: Mon, 28 Nov 2022 22:52:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 12:30:42 GMT
age: 37331
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.withinnigeria.com/entertainment/wp-content/uploads/sites/6/2022/11/ifeoluwaunusual/2022/11/28/3E158536-0C81-4132-9A09-1A480A7832D8.jpeg
104.26.15.210 200 OK 114 kB URL HTTP/2 www.withinnigeria.com/entertainment/wp-content/uploads/sites/6/2022/11/ifeoluwaunusual/2022/11/28/3E158536-0C81-4132-9A09-1A480A7832D8.jpeg
IP 104.26.15.210:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 850x460, components 3\012- data
Size 114 kB (113575 bytes)
Hash 0996e999f0e5057ecfbb6fb4bc4ee965
43e789c9d51c26e5edff229d4f3d188ce6a6011e
9210f64eb7974cc2022e6131a21110a892f0a714eff1088bb6d9711720337a7a
GET /entertainment/wp-content/uploads/sites/6/2022/11/ifeoluwaunusual/2022/11/28/3E158536-0C81-4132-9A09-1A480A7832D8.jpeg HTTP/1.1
Host: www.withinnigeria.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:53 GMT
content-type: image/jpeg
content-length: 113575
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=122262, status=webp_bigger
access-control-allow-origin: *
etag: "63850ccf-1dd96"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 28 Nov 2022 19:32:31 GMT
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: WordOps
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6MKevLFj0X9owlYyeFTHbZ3MQAVXlGOEIiWyiu7mylLoBtQZnS9AWvcgtXia6%2BoiVXiIP4fWTimARULXw98Rx3LKbOPagoL4%2B9SxNj1SecdZUK2HptaB6t5fUmc8WTy6tFQ3i5HLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716ad313d101c06-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 748366131b496e41f92e15ce7d1cd0e0
a6c7a59a6599ece2cf0e76c778c920dea94ff469
b9ea2d419742c67e2b14536379e7383524f22645b1af988d5bd72154647fc602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4862
x-amzn-requestid: 17c6fb35-2dc8-45e4-a226-a74ba94323b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYlHXxIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d0-5a0f4f667a3747166eb2b338;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XDdox2fz8xWMEWiTlHtpk_EeS6NUmzBRyWO3fTe47FfJOOvIehST1Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:08:40 GMT
age: 49453
etag: "a6c7a59a6599ece2cf0e76c778c920dea94ff469"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37 200 OK 18 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (47826)
Hash aee9ae1c0757e6ee9e15c6c718d45950
d94902108164a559b28fcbbfb57da968ca03d59d
6f416d70b3d8de0e8d35b2f47dfe9dbbaee0ee7ffbf6634885b470f7d49d1b53
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b1321c5f0e4b56276253fe7bc64c254
b2bf33a94e8d06d3dbca14821ce8a79083e54216
97ddae71f18ac3b849e6904eca94ad70896eb734bf8a43b1ed49706a26707f84
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97DDAE71F18AC3B849E6904ECA94AD70896EB734BF8A43B1ED49706A26707F84"
Last-Modified: Mon, 28 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4491
Expires: Tue, 29 Nov 2022 00:07:44 GMT
Date: Mon, 28 Nov 2022 22:52:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e44c46db2ac9917110dc47aa38fdc85
b5b245c90705ad80c31d457c0d7c96709ca31e96
5024225a583b188860eaf21f7196c06cef8b2e89389ae4b1df6e314399f3b2ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 2eed036c-fcda-425b-8c5d-0b0ff31214a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEEWMIAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-5cb071a2098d43d909eb8d5c;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uWzs8gOBoczTeYXB7-FfJemWbh-hYHwNcR3b9BM5VtJ55NRUzCZeTQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:53:45 GMT
age: 46748
etag: "b5b245c90705ad80c31d457c0d7c96709ca31e96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5cb3e8f86da8f2a7e63b018579b5773e
e6d5b49298e968f11242152d33c12f34fab53759
d6f98e2943d76b0ea5438c702d5694853b6967f5b6b51a80461cae9dae6fec4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6F98E2943D76B0EA5438C702D5694853B6967F5B6B51A80461CAE9DAE6FEC4B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4290
Expires: Tue, 29 Nov 2022 00:04:23 GMT
Date: Mon, 28 Nov 2022 22:52:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 415b1b1d5a29fc17b4114bb3df1d1c22
600859401c885cc2cdd1f199cccc198eb41d6a04
abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7549
x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP-7lHmsoAMF9lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -aUqAfyrtMO0hkr2J2lm5SNNFdtaJj-F2dpBULvXjfOV205Ksm0iHw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 4250
etag: "600859401c885cc2cdd1f199cccc198eb41d6a04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f14d18e0fbcae5ddd2d6dfcdf01e7c59
e38da905debd44205ebc6abb628d381c8ec3d3d6
21c884064648ce280ecbff448fe69a9e9b25e605d408ff26a0bd1630191e4617
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C884064648CE280ECBFF448FE69A9E9B25E605D408FF26A0BD1630191E4617"
Last-Modified: Mon, 28 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4039
Expires: Tue, 29 Nov 2022 00:00:12 GMT
Date: Mon, 28 Nov 2022 22:52:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 3839
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.the-sun.com/wp-content/uploads/sites/6/2022/11/2022-group-h-soccer-match-779014041.jpg?strip=all&quality=100&w=1920&h=1080&crop=1
143.204.55.92 200 OK 2.6 MB URL HTTP/2 www.the-sun.com/wp-content/uploads/sites/6/2022/11/2022-group-h-soccer-match-779014041.jpg?strip=all&quality=100&w=1920&h=1080&crop=1
IP 143.204.55.92:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 2.6 MB (2633290 bytes)
Hash a7e10bb70474b2fc65085377c61a2997
4e88f227f659fa02878c4265e6aae15ef89a2cc8
776479779ba63bf83760e363308c2aff0a615ffe0c8ffb747e4402efeca3af06
GET /wp-content/uploads/sites/6/2022/11/2022-group-h-soccer-match-779014041.jpg?strip=all&quality=100&w=1920&h=1080&crop=1 HTTP/1.1
Host: www.the-sun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 2633290
server: nginx
date: Mon, 28 Nov 2022 22:52:53 GMT
last-modified: Mon, 28 Nov 2022 19:59:57 GMT
expires: Tue, 28 Nov 2023 19:59:57 GMT
etag: "ad535aa754662a70"
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
x-rq: lhr2 109 200 443
accept-ranges: bytes
set-cookie: nuk_customer_country_code=NO; Path=/; Secure; SameSite=None
nuk_customer_region_code=03; Path=/; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ys1-isPwC-eseFJfTTJZCvFYtSXtnoqnFVzJ0I0klFZGtip4ulARuQ==
X-Firefox-Spdy: h2
www.newpakweb.com/wp-content/uploads/2022/11/images-31.jpeg
172.67.74.52 200 OK 25 kB URL HTTP/2 www.newpakweb.com/wp-content/uploads/2022/11/images-31.jpeg
IP 172.67.74.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x288, components 3\012- data
Hash 3d1473105c25356e422a1b2e7f7026fb
789488450341eaf3090352a4794ae01e1dd1b0b4
6ac0a5066069bd2314aa1d1e95d3605a2b63ba60d883fd75d1e0ad444f8c6b1f
GET /wp-content/uploads/2022/11/images-31.jpeg HTTP/1.1
Host: www.newpakweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:53 GMT
content-type: image/jpeg
content-length: 25437
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=26167, status=webp_bigger
etag: "6384e182-6637"
last-modified: Mon, 28 Nov 2022 16:27:46 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDUo6wBXTm0CLVx5E81HkkDiDoQfoNSloET6rO%2Fa84%2FcHcXqno9aJpbqF5Gy8Y8FHWXx4DFWd%2FPaB51M77Y9Qt34tGwUNoHaI8J2eNm7RUhNBUQ6FCJRSl%2BdheXTgq2EJZCF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad316a18b4ed-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8a8b4f8e30f5a5b06dad47294c569e8
ad85deb8880913bac87caaa90f68bd72e847f5ae
d3e70b7f28dfd3bf61205ab67a77b8ab61ceb27d0654c4f9c81e80ab5f12045a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3E70B7F28DFD3BF61205AB67A77B8AB61CEB27D0654C4F9C81E80AB5F12045A"
Last-Modified: Sun, 27 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12485
Expires: Tue, 29 Nov 2022 02:20:58 GMT
Date: Mon, 28 Nov 2022 22:52:53 GMT
Connection: keep-alive
hydnews.in/wp-content/uploads/2022/11/Lions-Expected-to-Get-Key-Offensive-Defensive-Starters-Back-Week.jpg
104.21.77.222 200 OK 53 kB URL HTTP/2 hydnews.in/wp-content/uploads/2022/11/Lions-Expected-to-Get-Key-Offensive-Defensive-Starters-Back-Week.jpg
IP 104.21.77.222:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x438, components 3\012- data
Hash 290319b1ee896bc4f4cc5c9db991cc1f
21486b80225a899ec57971be3e9406a719fdab65
66e513573dc3ec3f702d4acb5fd3ede36ea3020c4e9234cca0eb54e14bedd411
GET /wp-content/uploads/2022/11/Lions-Expected-to-Get-Key-Offensive-Defensive-Starters-Back-Week.jpg HTTP/1.1
Host: hydnews.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:53 GMT
content-type: image/jpeg
content-length: 53212
cache-control: public, max-age=10368000
expires: Tue, 28 Mar 2023 22:52:53 GMT
last-modified: Mon, 28 Nov 2022 19:53:29 GMT
vary: User-Agent,Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfHtEZTLU76bb4ripXGSiFbBaBMjaa88T6zH0yMd3VtQJp5SFE%2FwMSt%2BJAYYTFhZiTOJl%2BRqXpdugtxmpEeGLUNvVTLmBgjFatt6etoltYkn%2BnxxLBiQCKk0SkJ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716ad31c9d8b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b1321c5f0e4b56276253fe7bc64c254
b2bf33a94e8d06d3dbca14821ce8a79083e54216
97ddae71f18ac3b849e6904eca94ad70896eb734bf8a43b1ed49706a26707f84
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97DDAE71F18AC3B849E6904ECA94AD70896EB734BF8A43B1ED49706A26707F84"
Last-Modified: Mon, 28 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4491
Expires: Tue, 29 Nov 2022 00:07:44 GMT
Date: Mon, 28 Nov 2022 22:52:53 GMT
Connection: keep-alive
tallysaturatesnare.com/watch.1502918346394.js?key=bd98676cadeb63e4d1975be98f431a6a&kw=%5B%22cole%22%2C%22van%22%2C%22note%22%2C%22announces%22%2C%22johnson%22%2C%22county%22%2C%22data%22%2C%22breach%22%2C%22investigation%22%2C%22%C2%BB%22%2C%22officialnd%22%2C%22%E2%80%93%22%2C%22officialnd%22%5D&refer=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&tz=0&dev=e&res=12.1055&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1
192.243.59.13 307 Temporary Redirect 0 B URL HTTP/1.1 tallysaturatesnare.com/watch.1502918346394.js?key=bd98676cadeb63e4d1975be98f431a6a&kw=%5B%22cole%22%2C%22van%22%2C%22note%22%2C%22announces%22%2C%22johnson%22%2C%22county%22%2C%22data%22%2C%22breach%22%2C%22investigation%22%2C%22%C2%BB%22%2C%22officialnd%22%2C%22%E2%80%93%22%2C%22officialnd%22%5D&refer=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&tz=0&dev=e&res=12.1055&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
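Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input: the 307 response carries a 0-byte body, so they identify no content and are not usable as indicators for this host.)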
Analyzer Verdict Alert
quad9 Sinkholed
GET /watch.1502918346394.js?key=bd98676cadeb63e4d1975be98f431a6a&kw=%5B%22cole%22%2C%22van%22%2C%22note%22%2C%22announces%22%2C%22johnson%22%2C%22county%22%2C%22data%22%2C%22breach%22%2C%22investigation%22%2C%22%C2%BB%22%2C%22officialnd%22%2C%22%E2%80%93%22%2C%22officialnd%22%5D&refer=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&tz=0&dev=e&res=12.1055&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.officialnd.com
Access-Control-Allow-Origin: https://www.officialnd.com
Access-Control-Allow-Credentials: true
Location: https://tallysaturatesnare.com/watch.1502918346394.js?key=bd98676cadeb63e4d1975be98f431a6a&kw=%5B%22cole%22%2C%22van%22%2C%22note%22%2C%22announces%22%2C%22johnson%22%2C%22county%22%2C%22data%22%2C%22breach%22%2C%22investigation%22%2C%22%C2%BB%22%2C%22officialnd%22%2C%22%E2%80%93%22%2C%22officialnd%22%5D&refer=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&tz=0&dev=e&res=12.1055&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1&shu=c6bc41276d6d7aa24fd6c7a29fdb6c32d1f1aecd3933f96e3deead93998a525512410b8d561dcf3cb5b1cfcaeff82a3635e681fb557b5d3f87a3af5c10d120bff2fc0b54df6192450700dc539fd37eea51a37575&pst=1669676033&rmtc=t
Set-Cookie: u_pl=16876768; expires=Tue, 29 Nov 2022 22:52:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.OdgTco6DrZUOmB3hMWeTjAWwOJW9ZDEfTpVcjJgOjj8; expires=Mon, 28 Nov 2022 22:53:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f29cda41ecdf80dee259e06c772e157
Strict-Transport-Security: max-age=0; includeSubdomains
wastedinvaluable.com/sbar.json?key=83aeaa6b3377a47861dd648f772d716c&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1
192.243.59.13 200 OK 4.1 kB URL HTTP/1.1 wastedinvaluable.com/sbar.json?key=83aeaa6b3377a47861dd648f772d716c&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5880), with no line terminators
Hash 85f9b2bf1d49cd6d2ac06c20ff6a8e7c
93a6fc0315c31897bfe091b08f4cc359a956ee50
5624c4f2f54b8e28a3e6f26f746e64af2a500e2238c08f09e7a86d738e10c128
Analyzer Verdict Alert
quad9 Sinkholed
GET /sbar.json?key=83aeaa6b3377a47861dd648f772d716c&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:54 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.officialnd.com
Access-Control-Allow-Origin: https://www.officialnd.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16876772; expires=Tue, 29 Nov 2022 22:52:53 GMT; secure; SameSite=None
uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; expires=Mon, 05 Dec 2022 22:52:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
slec83aeaa6b3377a47861dd648f772d716c=[3760946]; expires=Mon, 28 Nov 2022 22:52:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6bda2ed5febc4c7f93d87cbaa9aafa4e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tallysaturatesnare.com/watch.1502918346394.js?key=bd98676cadeb63e4d1975be98f431a6a&kw=%5B%22cole%22%2C%22van%22%2C%22note%22%2C%22announces%22%2C%22johnson%22%2C%22county%22%2C%22data%22%2C%22breach%22%2C%22investigation%22%2C%22%C2%BB%22%2C%22officialnd%22%2C%22%E2%80%93%22%2C%22officialnd%22%5D&refer=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&tz=0&dev=e&res=12.1055&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1&shu=c6bc41276d6d7aa24fd6c7a29fdb6c32d1f1aecd3933f96e3deead93998a525512410b8d561dcf3cb5b1cfcaeff82a3635e681fb557b5d3f87a3af5c10d120bff2fc0b54df6192450700dc539fd37eea51a37575&pst=1669676033&rmtc=t
192.243.59.13 200 OK 2.0 kB URL HTTP/1.1 tallysaturatesnare.com/watch.1502918346394.js?key=bd98676cadeb63e4d1975be98f431a6a&kw=%5B%22cole%22%2C%22van%22%2C%22note%22%2C%22announces%22%2C%22johnson%22%2C%22county%22%2C%22data%22%2C%22breach%22%2C%22investigation%22%2C%22%C2%BB%22%2C%22officialnd%22%2C%22%E2%80%93%22%2C%22officialnd%22%5D&refer=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&tz=0&dev=e&res=12.1055&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1&shu=c6bc41276d6d7aa24fd6c7a29fdb6c32d1f1aecd3933f96e3deead93998a525512410b8d561dcf3cb5b1cfcaeff82a3635e681fb557b5d3f87a3af5c10d120bff2fc0b54df6192450700dc539fd37eea51a37575&pst=1669676033&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2518)
Hash 2aaf1ce45f3f3c95e34370ac35f4323f
b9801332c3c580108c53b97a4d0970ba450080a2
5cbc28dfd7ce12d4f32ed6e7891f803f7e4f2c68f0e6c2e6460cfdf833801038
Analyzer Verdict Alert
quad9 Sinkholed
GET /watch.1502918346394.js?key=bd98676cadeb63e4d1975be98f431a6a&kw=%5B%22cole%22%2C%22van%22%2C%22note%22%2C%22announces%22%2C%22johnson%22%2C%22county%22%2C%22data%22%2C%22breach%22%2C%22investigation%22%2C%22%C2%BB%22%2C%22officialnd%22%2C%22%E2%80%93%22%2C%22officialnd%22%5D&refer=https%3A%2F%2Fwww.officialnd.com%2Fcole-van-note-announces-johnson-county-data-breach-investigation-officialnd%2F%3Ffeed_id%3D42740%26_unique_id%3D6385136460c1f&tz=0&dev=e&res=12.1055&uuid=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1&shu=c6bc41276d6d7aa24fd6c7a29fdb6c32d1f1aecd3933f96e3deead93998a525512410b8d561dcf3cb5b1cfcaeff82a3635e681fb557b5d3f87a3af5c10d120bff2fc0b54df6192450700dc539fd37eea51a37575&pst=1669676033&rmtc=t HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Referer: https://www.officialnd.com/
Connection: keep-alive
Cookie: u_pl=16876768; ain=eyJhbGciOiJIUzI1NiJ9.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.OdgTco6DrZUOmB3hMWeTjAWwOJW9ZDEfTpVcjJgOjj8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.officialnd.com
Access-Control-Allow-Origin: https://www.officialnd.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; expires=Mon, 05 Dec 2022 22:52:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 29 Nov 2022 22:52:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf08590726e4eeae115d5817927a7e22
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhsQPRkEUVRGEIngzvbPzPSMOSzGGAnmjySSi5f6691yq7uaqu7p3cXDYlRyENzgxWPvN7tZ1BCSu6LMBkEGhIwH2YN78uJBFII5y8wOLD6oeq%2Fq%2Bw7v%2B977bKs8ID5Kun%2F5gllXWtOFdtNvnLyuMmEq17h4rRH4Tf9U47rKOq1TjdXJZftvBn676b%2FeeFfyFbMQ%2BoHvB37QOKusTMzqwhSFyu%2F0gmbPb7bCZtBuYdX%2B%2F%2B1KD456EP0DcgJKjI8v%2F3wfig%2BRpffOSLdSmPyNd9JS08JY9MXu%2B9lKZqoM6VGZWA9Jtjtjw7gxIV8dg8l2Zwpg%2BtsTBWBqTLzfArBsd9YmWH%2FnsFOmITMw8TSq%2FhBSD6HoENzcgBIPCcAFLl5Clt6%2BaGxF1w5ROkHHZO7xI6hqTOZ%2BfxZZeve0VquNq0aXhTKZw2pSQ60OoZaGyMs9FOseVLUHXnwMJX4hC4%2FPI0u3LzltoMT%2Bq4J24o7gbL4dJdF8i3XofLcdh%2FMhC6NuROMwjjtTi5QaQiVDaLkJ6jyUk6M8lImHMveQiv0GbfcS348TlkRRt8U5jyLO292OaIuo1U18lHyiYRNFvgmuN8HtBnK7gRV162H7BGz5I9xyDSc8uIKgL2pUkqByBBUlqBRBVRBU%2FXpHaBe6%2BrbQrmTBLIezHNUDUyxt0R1TLMmMbOUH5JmJd573yR9YkfuNbkQlpR0WRXFMW3G3EwjRaXWTOA5FHHQ4nKqh3LGp0nU1Ji%2FsNJGrMTnefwWM7sHpPXD1Imj5Emg1iEMfdHnQ6vpYz%2B5msnJUU1u4JjcphKmRF3Mo1rwtfUCen06xx0NIPlp8NPzig5P%2F7oHbGrmt8aF6QLCkbw6umIpsXzGVI%2Fcv5YVK1TqdTPhqQQs59817cq0yVpw74za%2FfotPgEl555p0xXmaCZUtOfLtaSWEtGeN5ZJ8f85dl%2Bxy6ZZPlzYr8%2FOX3z57Ls2tdE6ZbAiqHsZfgqsxeerCxnR3X%2F78AZQdwpY10nJEZgFl9sDzDbh8tPj3R3%2FdWrb34AyB1UcclnuoynpgQ3b0qdWYhI%2Beg5ajxe%2FuPBm89ucaKKvh5JENTI5%2B%2BOeQv%2BVuYsl6oMUNZGmNvq3R1zWo3oQrnxgUuR0t%2FhpNA0x7A6att8201bcO7XVqvyHbiZ9IP5Qs6bEkpr7oJa0eo71AxqxNAxRuzD899dN%2FAAAA%2F%2F8BAAD%2F%2F86u29iXBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhsQPRkEUVRGEIngzvbPzPSMOSzGGAnmjySSi5f6691yq7uaqu7p3cXDYlRyENzgxWPvN7tZ1BCSu6LMBkEGhIwH2YN78uJBFII5y8wOLD6oeq%2Fq%2Bw7v%2B977bKs8ID5Kun%2F5gllXWtOFdtNvnLyuMmEq17h4rRH4Tf9U47rKOq1TjdXJZftvBn676b%2FeeFfyFbMQ%2BoHvB37QOKusTMzqwhSFyu%2F0gmbPb7bCZtBuYdX%2B%2F%2B1KD456EP0DcgJKjI8v%2F3wfig%2BRpffOSLdSmPyNd9JS08JY9MXu%2B9lKZqoM6VGZWA9Jtjtjw7gxIV8dg8l2Zwpg%2BtsTBWBqTLzfArBsd9YmWH%2FnsFOmITMw8TSq%2FhBSD6HoENzcgBIPCcAFLl5Clt6%2BaGxF1w5ROkHHZO7xI6hqTOZ%2BfxZZeve0VquNq0aXhTKZw2pSQ60OoZaGyMs9FOseVLUHXnwMJX4hC4%2FPI0u3LzltoMT%2Bq4J24o7gbL4dJdF8i3XofLcdh%2FMhC6NuROMwjjtTi5QaQiVDaLkJ6jyUk6M8lImHMveQiv0GbfcS348TlkRRt8U5jyLO292OaIuo1U18lHyiYRNFvgmuN8HtBnK7gRV162H7BGz5I9xyDSc8uIKgL2pUkqByBBUlqBRBVRBU%2FXpHaBe6%2BrbQrmTBLIezHNUDUyxt0R1TLMmMbOUH5JmJd573yR9YkfuNbkQlpR0WRXFMW3G3EwjRaXWTOA5FHHQ4nKqh3LGp0nU1Ji%2FsNJGrMTnefwWM7sHpPXD1Imj5Emg1iEMfdHnQ6vpYz%2B5msnJUU1u4JjcphKmRF3Mo1rwtfUCen06xx0NIPlp8NPzig5P%2F7oHbGrmt8aF6QLCkbw6umIpsXzGVI%2Fcv5YVK1TqdTPhqQQs59817cq0yVpw74za%2FfotPgEl555p0xXmaCZUtOfLtaSWEtGeN5ZJ8f85dl%2Bxy6ZZPlzYr8%2FOX3z57Ls2tdE6ZbAiqHsZfgqsxeerCxnR3X%2F78AZQdwpY10nJEZgFl9sDzDbh8tPj3R3%2FdWrb34AyB1UcclnuoynpgQ3b0qdWYhI%2Beg5ajxe%2FuPBm89ucaKKvh5JENTI5%2B%2BOeQv%2BVuYsl6oMUNZGmNvq3R1zWo3oQrnxgUuR0t%2FhpNA0x7A6att8201bcO7XVqvyHbiZ9IP5Qs6bEkpr7oJa0eo71AxqxNAxRuzD899dN%2FAAAA%2F%2F8BAAD%2F%2F86u29iXBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhsQPRkEUVRGEIngzvbPzPSMOSzGGAnmjySSi5f6691yq7uaqu7p3cXDYlRyENzgxWPvN7tZ1BCSu6LMBkEGhIwH2YN78uJBFII5y8wOLD6oeq%2Fq%2Bw7v%2B977bKs8ID5Kun%2F5gllXWtOFdtNvnLyuMmEq17h4rRH4Tf9U47rKOq1TjdXJZftvBn676b%2FeeFfyFbMQ%2BoHvB37QOKusTMzqwhSFyu%2F0gmbPb7bCZtBuYdX%2B%2F%2B1KD456EP0DcgJKjI8v%2F3wfig%2BRpffOSLdSmPyNd9JS08JY9MXu%2B9lKZqoM6VGZWA9Jtjtjw7gxIV8dg8l2Zwpg%2BtsTBWBqTLzfArBsd9YmWH%2FnsFOmITMw8TSq%2FhBSD6HoENzcgBIPCcAFLl5Clt6%2BaGxF1w5ROkHHZO7xI6hqTOZ%2BfxZZeve0VquNq0aXhTKZw2pSQ60OoZaGyMs9FOseVLUHXnwMJX4hC4%2FPI0u3LzltoMT%2Bq4J24o7gbL4dJdF8i3XofLcdh%2FMhC6NuROMwjjtTi5QaQiVDaLkJ6jyUk6M8lImHMveQiv0GbfcS348TlkRRt8U5jyLO292OaIuo1U18lHyiYRNFvgmuN8HtBnK7gRV162H7BGz5I9xyDSc8uIKgL2pUkqByBBUlqBRBVRBU%2FXpHaBe6%2BrbQrmTBLIezHNUDUyxt0R1TLMmMbOUH5JmJd573yR9YkfuNbkQlpR0WRXFMW3G3EwjRaXWTOA5FHHQ4nKqh3LGp0nU1Ji%2FsNJGrMTnefwWM7sHpPXD1Imj5Emg1iEMfdHnQ6vpYz%2B5msnJUU1u4JjcphKmRF3Mo1rwtfUCen06xx0NIPlp8NPzig5P%2F7oHbGrmt8aF6QLCkbw6umIpsXzGVI%2Fcv5YVK1TqdTPhqQQs59817cq0yVpw74za%2FfotPgEl555p0xXmaCZUtOfLtaSWEtGeN5ZJ8f85dl%2Bxy6ZZPlzYr8%2FOX3z57Ls2tdE6ZbAiqHsZfgqsxeerCxnR3X%2F78AZQdwpY10nJEZgFl9sDzDbh8tPj3R3%2FdWrb34AyB1UcclnuoynpgQ3b0qdWYhI%2Beg5ajxe%2FuPBm89ucaKKvh5JENTI5%2B%2BOeQv%2BVuYsl6oMUNZGmNvq3R1zWo3oQrnxgUuR0t%2FhpNA0x7A6att8201bcO7XVqvyHbiZ9IP5Qs6bEkpr7oJa0eo71AxqxNAxRuzD899dN%2FAAAA%2F%2F8BAAD%2F%2F86u29iXBAAA HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Cookie: u_pl=16876772; uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec83aeaa6b3377a47861dd648f772d716c=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ddc49fbaea6f4f56969242191a60ac0
Strict-Transport-Security: max-age=0; includeSubdomains
tallysaturatesnare.com/fe/3b/32/fe3b3290f0918b728d00df3a681dc665.js
192.243.59.13 200 OK 29 kB URL HTTP/1.1 tallysaturatesnare.com/fe/3b/32/fe3b3290f0918b728d00df3a681dc665.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 541720d2daa10cf9b51ee4e5de71bb69
b6b9a1695e59bce9e0abaaac9d2f6cac7d9b832d
e615dfc488e2219d5565ace862baf4b76cc81495b03168a3f81ad2bbeac7ba5d
Analyzer Verdict Alert
fortinet Malware
quad9 Sinkholed
GET /fe/3b/32/fe3b3290f0918b728d00df3a681dc665.js HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 84c9658079f5ded2c8f8da3176cbad53
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d02308d366e622aa26e632ea017600cc
c16673d53c20ac70efbda483ca12b4374a76105c
ad8ccb9b049120b7e44a79dcbc9caab326567933cfce70608bc812237319a0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8CCB9B049120B7E44A79DCBC9CAAB326567933CFCE70608BC812237319A0EC"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13102
Expires: Tue, 29 Nov 2022 02:31:16 GMT
Date: Mon, 28 Nov 2022 22:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7afa63a2e765a5889feedb036228204
546d048429118d6ff49049b948a6d39c3706b4e1
ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE33EBBD5115FFAAC9721EACC50F458D369B30DBC875379C5602FE846D078207"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4693
Expires: Tue, 29 Nov 2022 00:11:07 GMT
Date: Mon, 28 Nov 2022 22:52:54 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/21/36/8c/21368cfd3bd87429f35209612ffb15ef/1668177353.gif
45.133.44.10 200 OK 156 kB URL HTTP/2 cdn.cloudimagesb.com/bi/21/36/8c/21368cfd3bd87429f35209612ffb15ef/1668177353.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 300 x 250\012- data
Size 156 kB (156304 bytes)
Hash d699eae0d8e7df3c924ffc8f52b04e9e
10607ae43cb8975304e65d5eb45dcebdfc505836
b6ec5d7c75f1abe4005e7c1e66a1345a97e44c5a14d2662e9594acc53e3f9e4c
GET /bi/21/36/8c/21368cfd3bd87429f35209612ffb15ef/1668177353.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:54 GMT
content-type: image/gif
content-length: 156304
server: nginx/1.17.6
last-modified: Fri, 11 Nov 2022 14:36:01 GMT
etag: "636e5dd1-26290"
expires: Wed, 30 Nov 2022 22:52:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c6c713a6e569b6be734df3c5442f6d4
43dcd58bac78d858d9803004bb155b3828b96768
dd4366f4e239f7d5d0f9cc61a611dd994ac8b25ec0faa273f2c85c19b41dfa87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DD4366F4E239F7D5D0F9CC61A611DD994AC8B25EC0FAA273F2C85C19B41DFA87"
Last-Modified: Mon, 28 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7948
Expires: Tue, 29 Nov 2022 01:05:22 GMT
Date: Mon, 28 Nov 2022 22:52:54 GMT
Connection: keep-alive
www.officialnd.com/favicon.ico
66.29.146.22 404 Not Found 1.2 kB URL HTTP/2 www.officialnd.com/favicon.ico
IP 66.29.146.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
Cookie: _ga_Y0TGQ6KH7Q=GS1.1.1669675971.1.0.1669675971.0.0.0; _ga=GA1.1.1411466859.1669675971; dom3ic8zudi28v8lr6fgphwffqoz0j6c=da676dcb-53f3-4b6a-8572-2b2383a72776%3A1%3A1; sb_main_83aeaa6b3377a47861dd648f772d716c=1; sb_count_83aeaa6b3377a47861dd648f772d716c=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wastedinvaluable.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 28 Nov 2022 22:52:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=413
192.243.59.13 200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=413
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
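Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of a zero-length body, consistent with the 0 B response; they identify no content and are not usable as file indicators.)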
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=413 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Cookie: u_pl=16876772; uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec83aeaa6b3377a47861dd648f772d716c=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 627775c3a804fa2b204735ad46d1de68
71155acfaa5212049108b355b07665432467cc1a
937e883cae16f19760094e80022ae925e2723678dfde030638ebd64e72523820
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "937E883CAE16F19760094E80022AE925E2723678DFDE030638EBD64E72523820"
Last-Modified: Sun, 27 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11135
Expires: Tue, 29 Nov 2022 01:58:29 GMT
Date: Mon, 28 Nov 2022 22:52:54 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
172.64.109.13 200 OK 9.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP 172.64.109.13:0
File type PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash 910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:54 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1155524
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHj1LZ5Wzb4s%2BqeT2ZKxXhdpeUd7b%2Bf5E1TIVD8dRKOiEpLk%2BUU%2FkAMaX%2FR1q2mcUhgTI6ysPq9WrECG1O5dsNcLfET7DqMFGJPvunYkoDM6OtviTAP6iuxw52jwGaLkKf2NBUEbO%2F7%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad39bd247737-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
172.64.109.13 200 OK 31 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP 172.64.109.13:0
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 43699024b9d409a0e5b1bf8f521f0642
92fbb1a5522d50c9d58fb051e6d0c0a5c2f82348
33ca494d91c9a984cf2d8dd0d9daec822933233ecb9a244a65836c9f82a9b91f
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:54 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1155524
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlaB9XairJ5JXwME%2FECWjnxDlV9aUTWynGAJ0ekLIaNdGjjMD8DMdhBOwNhXNZweQvSgh3JhYjUqxS9YoLu%2FmOXy75vnPJq02Pm0Qo1uY36V%2F3lSBmf4%2BQNtssKUCcY0YmDK%2BkZdbCbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad39bd267737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=3727&rd=3727&fd=1058&bv=22.10.v.10&tmpl=136
173.233.137.44 200 OK 0 B URL HTTP/1.1 lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=3727&rd=3727&fd=1058&bv=22.10.v.10&tmpl=136
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3727&rd=3727&fd=1058&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 22:52:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=322
192.243.59.13 200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=322
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=322 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Cookie: u_pl=16876772; uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec83aeaa6b3377a47861dd648f772d716c=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=325
192.243.59.13 200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=325
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=325 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Cookie: u_pl=16876772; uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec83aeaa6b3377a47861dd648f772d716c=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=379
192.243.59.13 200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=379
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=379 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Cookie: u_pl=16876772; uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec83aeaa6b3377a47861dd648f772d716c=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c1e0e890fa0d9f79c9d31d7e51050c45
7c8320ddaac9a281a8e991a370e7f04f56b52667
952ea85225c5754b61c1b640ca341fadec09162769ff53870d86ac578839feea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "952EA85225C5754B61C1B640CA341FADEC09162769FF53870D86AC578839FEEA"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1042
Expires: Mon, 28 Nov 2022 23:10:17 GMT
Date: Mon, 28 Nov 2022 22:52:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c1e0e890fa0d9f79c9d31d7e51050c45
7c8320ddaac9a281a8e991a370e7f04f56b52667
952ea85225c5754b61c1b640ca341fadec09162769ff53870d86ac578839feea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "952EA85225C5754B61C1B640CA341FADEC09162769FF53870D86AC578839FEEA"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1042
Expires: Mon, 28 Nov 2022 23:10:17 GMT
Date: Mon, 28 Nov 2022 22:52:55 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=da676dcb-53f3-4b6a-8572-2b2383a72776&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=fe3b3290f0918b728d00df3a681dc665&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=da676dcb-53f3-4b6a-8572-2b2383a72776&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=fe3b3290f0918b728d00df3a681dc665&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=da676dcb-53f3-4b6a-8572-2b2383a72776&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=fe3b3290f0918b728d00df3a681dc665&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:55 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68dee5253fd5aa68fb69472c3822ba28
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=da676dcb-53f3-4b6a-8572-2b2383a72776&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=83aeaa6b3377a47861dd648f772d716c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=da676dcb-53f3-4b6a-8572-2b2383a72776&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=83aeaa6b3377a47861dd648f772d716c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=da676dcb-53f3-4b6a-8572-2b2383a72776&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=83aeaa6b3377a47861dd648f772d716c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:55 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0e4b1f12dee53ef40c36d177d92127c8
Strict-Transport-Security: max-age=0; includeSubdomains
wastedinvaluable.com/pixel/sbs?c=1
192.243.59.13 200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbs?c=1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Cookie: u_pl=16876772; uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec83aeaa6b3377a47861dd648f772d716c=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhsQPRkEUVRGEIngzvbPzPSMOSzGGAnmjySSi5fqqurZcqu7mqru6dnFw2JUchCc4MVj7ze7WdQQkruizARBBoSMB9mDe%2FLiQRSCOcvMDiw%2BqHqv6vsO7%2Fve%2B2y7OCAuCrp%2F%2BYLelErRlWbdrZ28LlOuS1u7eK3muXX3VO26TFuNU7X%2B7DK9Nz23WXdfr70r2Lpe8V3PdT3Xq52VRsS6vzJHIbM7Ha%2FecesNv%2B41G%2Bib%2F79t4cBSB7x3QE5A8unxtZ%2FvQ7IR0uTeGWHXc5298U5SKJprgx7fez9dT3WZIjkqY%2BMgTvcWbGg7JeSrY9Dp3kIBdG9npgCRnBLnNw9RurdoE1Fv97DTSEGkiPjTKHsjCDWCpCMwfQOSPyQA47h4CWly%2B6I2Jd04ROkMnZKlx48gyylZ%2Bv1ZpMnd00r2a1e1KnKpU4t%2BXEH2R5DdEbJijHzTgSzHYPnHkPwXsvL4PNJk55JVGpLvv8ppK2xxFi03gzhYbkQtutxuhv6yH%2FlBO6ChH4atuUVSjiDjEZQYgFoHxexIB0XsoMgcJHy%2FRpud2HXDOIqDoN1gjAUBY812izd50GjHLgo20zBAng3A1ADMbCEzW1iXtx42T8AUP8KuVbDcgc0JerxCKQhKS1BSglISlDlB2at2ubK%2BrW5zZYvIW2R%2FkYNqqPPuNt3VeVekZDs7IM%2FMvHOcT%2F7AutivtQMqKG1FQRCGtBG2Wx7nrUY7DkOfh16LwcoK0h6bK92UU%2FLCbh2ZnJLjvVcQ0TGsGoPJF0GLl0DLYei7oGvDRtvFZno3FaWliprc1plOwHWFLF9CvuFsqwPy%2FHyKHeZDsMnqo9EXH5z8dwxmKmSmwofyAUFX3Rxe0SXZuaJLS%2B5fynKZyE06m%2FDVnOZi6Zv3xEapDT93xg6%2BfovNgFl555qw%2BXmacpl2Lfn2tORcmLPaMEG%2BP2evi%2BhyYddOFyYtsvOX3z57LsmMsFbqdAQqH4ZfgskpeerC1nx3X%2F78AaQZwRQVkmJCFgGpx2DZFmw2Wf37o79urZl7sJrAqCNOlDkoi2po%2FOjoU8kp8R89ByUmq9%2FdedJ77c8N0KiCFUc2RGLywz%2BH%2FG17E13jgOY3kCYVeqZCT1WgagBbPDHMMzNZ%2FTWYByLlDCNlnJ1IGXXr0F4r92tNryHaUTtknEeCcS%2BcbbXr%2Bpw3wo7wOsjtlH166qf%2FAAAA%2F%2F8BAAD%2F%2F9qmVT6XBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhsQPRkEUVRGEIngzvbPzPSMOSzGGAnmjySSi5fqqurZcqu7mqru6dnFw2JUchCc4MVj7ze7WdQQkruizARBBoSMB9mDe%2FLiQRSCOcvMDiw%2BqHqv6vsO7%2Fve%2B2y7OCAuCrp%2F%2BYLelErRlWbdrZ28LlOuS1u7eK3muXX3VO26TFuNU7X%2B7DK9Nz23WXdfr70r2Lpe8V3PdT3Xq52VRsS6vzJHIbM7Ha%2FecesNv%2B41G%2Bib%2F79t4cBSB7x3QE5A8unxtZ%2FvQ7IR0uTeGWHXc5298U5SKJprgx7fez9dT3WZIjkqY%2BMgTvcWbGg7JeSrY9Dp3kIBdG9npgCRnBLnNw9RurdoE1Fv97DTSEGkiPjTKHsjCDWCpCMwfQOSPyQA47h4CWly%2B6I2Jd04ROkMnZKlx48gyylZ%2Bv1ZpMnd00r2a1e1KnKpU4t%2BXEH2R5DdEbJijHzTgSzHYPnHkPwXsvL4PNJk55JVGpLvv8ppK2xxFi03gzhYbkQtutxuhv6yH%2FlBO6ChH4atuUVSjiDjEZQYgFoHxexIB0XsoMgcJHy%2FRpud2HXDOIqDoN1gjAUBY812izd50GjHLgo20zBAng3A1ADMbCEzW1iXtx42T8AUP8KuVbDcgc0JerxCKQhKS1BSglISlDlB2at2ubK%2BrW5zZYvIW2R%2FkYNqqPPuNt3VeVekZDs7IM%2FMvHOcT%2F7AutivtQMqKG1FQRCGtBG2Wx7nrUY7DkOfh16LwcoK0h6bK92UU%2FLCbh2ZnJLjvVcQ0TGsGoPJF0GLl0DLYei7oGvDRtvFZno3FaWliprc1plOwHWFLF9CvuFsqwPy%2FHyKHeZDsMnqo9EXH5z8dwxmKmSmwofyAUFX3Rxe0SXZuaJLS%2B5fynKZyE06m%2FDVnOZi6Zv3xEapDT93xg6%2BfovNgFl555qw%2BXmacpl2Lfn2tORcmLPaMEG%2BP2evi%2BhyYddOFyYtsvOX3z57LsmMsFbqdAQqH4ZfgskpeerC1nx3X%2F78AaQZwRQVkmJCFgGpx2DZFmw2Wf37o79urZl7sJrAqCNOlDkoi2po%2FOjoU8kp8R89ByUmq9%2FdedJ77c8N0KiCFUc2RGLywz%2BH%2FG17E13jgOY3kCYVeqZCT1WgagBbPDHMMzNZ%2FTWYByLlDCNlnJ1IGXXr0F4r92tNryHaUTtknEeCcS%2BcbbXr%2Bpw3wo7wOsjtlH166qf%2FAAAA%2F%2F8BAAD%2F%2F9qmVT6XBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujhsQPRkEUVRGEIngzvbPzPSMOSzGGAnmjySSi5fqqurZcqu7mqru6dnFw2JUchCc4MVj7ze7WdQQkruizARBBoSMB9mDe%2FLiQRSCOcvMDiw%2BqHqv6vsO7%2Fve%2B2y7OCAuCrp%2F%2BYLelErRlWbdrZ28LlOuS1u7eK3muXX3VO26TFuNU7X%2B7DK9Nz23WXdfr70r2Lpe8V3PdT3Xq52VRsS6vzJHIbM7Ha%2FecesNv%2B41G%2Bib%2F79t4cBSB7x3QE5A8unxtZ%2FvQ7IR0uTeGWHXc5298U5SKJprgx7fez9dT3WZIjkqY%2BMgTvcWbGg7JeSrY9Dp3kIBdG9npgCRnBLnNw9RurdoE1Fv97DTSEGkiPjTKHsjCDWCpCMwfQOSPyQA47h4CWly%2B6I2Jd04ROkMnZKlx48gyylZ%2Bv1ZpMnd00r2a1e1KnKpU4t%2BXEH2R5DdEbJijHzTgSzHYPnHkPwXsvL4PNJk55JVGpLvv8ppK2xxFi03gzhYbkQtutxuhv6yH%2FlBO6ChH4atuUVSjiDjEZQYgFoHxexIB0XsoMgcJHy%2FRpud2HXDOIqDoN1gjAUBY812izd50GjHLgo20zBAng3A1ADMbCEzW1iXtx42T8AUP8KuVbDcgc0JerxCKQhKS1BSglISlDlB2at2ubK%2BrW5zZYvIW2R%2FkYNqqPPuNt3VeVekZDs7IM%2FMvHOcT%2F7AutivtQMqKG1FQRCGtBG2Wx7nrUY7DkOfh16LwcoK0h6bK92UU%2FLCbh2ZnJLjvVcQ0TGsGoPJF0GLl0DLYei7oGvDRtvFZno3FaWliprc1plOwHWFLF9CvuFsqwPy%2FHyKHeZDsMnqo9EXH5z8dwxmKmSmwofyAUFX3Rxe0SXZuaJLS%2B5fynKZyE06m%2FDVnOZi6Zv3xEapDT93xg6%2BfovNgFl555qw%2BXmacpl2Lfn2tORcmLPaMEG%2BP2evi%2BhyYddOFyYtsvOX3z57LsmMsFbqdAQqH4ZfgskpeerC1nx3X%2F78AaQZwRQVkmJCFgGpx2DZFmw2Wf37o79urZl7sJrAqCNOlDkoi2po%2FOjoU8kp8R89ByUmq9%2FdedJ77c8N0KiCFUc2RGLywz%2BH%2FG17E13jgOY3kCYVeqZCT1WgagBbPDHMMzNZ%2FTWYByLlDCNlnJ1IGXXr0F4r92tNryHaUTtknEeCcS%2BcbbXr%2Bpw3wo7wOsjtlH166qf%2FAAAA%2F%2F8BAAD%2F%2F9qmVT6XBAAA HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Cookie: u_pl=16876772; uid_id2=da676dcb-53f3-4b6a-8572-2b2383a72776:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec83aeaa6b3377a47861dd648f772d716c=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 22:52:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c988ee1be530fa1c847650d9fdd4195c
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:54 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1155524
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiYGbs8fbtCVZRCihmJ3%2FQ1uUPIS182X0hRWPzJo4g5RPO43K6MHVTKMFGDYVsOoWmSo218hh554ym%2BIIhgaees3IGHZIJ606TijBgJGYGJcwhGBIZ4iobnhGKQOwwEQ7PqOu1YK3dUw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad39bd1c7737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:54 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOQwPGCChn0NpOhvCsXhH93TZjvXxK%2FwEHDqSya4gz6snmNR0BcY9Gez3DTkyNUeGavNPdEmSPEbmVm%2BcOkvx3gBrzB4AbWle%2FofRRAIiChH61JG5o%2BaG2CHPRmFNv2OCCKZOkd7HChR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad397cc37737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202248.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
66.29.146.22 200 OK 0 B URL HTTP/2 www.officialnd.com/cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f
IP 66.29.146.22:0
GET /cole-van-note-announces-johnson-county-data-breach-investigation-officialnd/?feed_id=42740&_unique_id=6385136460c1f HTTP/1.1
Host: www.officialnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://www.officialnd.com/xmlrpc.php
link: <https://www.officialnd.com/wp-json/>; rel="https://api.w.org/", <https://www.officialnd.com/wp-json/wp/v2/posts/37705>; rel="alternate"; type="application/json", <https://www.officialnd.com/?p=37705>; rel=shortlink
etag: "68301-1669665642;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 22:52:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:52:51 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 28 Nov 2023 22:52:51 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.141.24 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.141.24:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 19d851f71d72e082635eb2ca89cbb6fb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 28 Nov 2022 22:52:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gOE6tIroYDG89sYy0nzLmw7r6ENvCaFlG09Hmk0InNXAYkHid4oswlXQKaaRzV9h6Ifd38ENNCfMQWy7Ir%2FOYWjmTjqB4hhrx6MRP9iO3sKJgcLGlnO4oLlspcOBrb39HII7xg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad2c1a0a7714-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.3 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:54 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 28 Nov 2022 23:52:54 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:54 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAGnYJN2%2Bbxs%2FKk2h9FO2O9RN9DGZ6Bt7i9obLt8S%2FKutzkvlny7WgbEdqULjkbSZl378nuMqWh%2By0jFVjrjtiIqAWe6Lj5CUYN19h7dCUsKbsfvpEqbIMmKV7v5i1Vu4ebHaujNPPKl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad397cba7737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.officialnd.com
Connection: keep-alive
Referer: https://www.officialnd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:52:55 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNCPftpAPndJghFd6we4iE5z%2F5OKrVJrCB7xm2VdVb%2BQ%2BNbQGxFFLNStM2xHQNFquOnrfgvRbZ%2FaVt2d%2B3YaL8djiiEEIy%2FS9EvwbGI3%2FoWc0vdXFKHjxW57HFTiVDdtl8VkcQRGMVoz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716ad3a4e557737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2