firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 07:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8kqZvkfGb_NQNpfQH0-NxjokY5JT78UzCZiIxoyw1ynpQNi-Czh5Pg==
Age: 2485
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6931
Expires: Fri, 23 Sep 2022 09:51:03 GMT
Date: Fri, 23 Sep 2022 07:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2822
Expires: Fri, 23 Sep 2022 08:42:34 GMT
Date: Fri, 23 Sep 2022 07:55:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GSVXMa8F5VTHuBgMLOldkLtH5hhLhqtFBLR1I/2gBKx9kZZlLLWMT9duXLPr+ctegX9HaX9rgjFkWvtNcrGrQg==
x-amz-request-id: KMNTVCGQ4X258DAZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 07:44:16 GMT
age: 676
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 07:55:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 07:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 07:25:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LQucxO7BaHTHNqU1lQycbzUhc3BG-ykaIwSzdmJUwD5eyKClY1Rv8A==
Age: 3130
ocsp.digicert.com/
200 OK 471 B IP
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1687
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:32 GMT
Last-Modified: Fri, 23 Sep 2022 07:27:25 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
insuringfla.com/
301 Moved Permanently 0 B IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 07:55:32 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://insuringfla.com/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8VAWhFNGNbamn5XQy6TsmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ik5sqONEmL0uE5vAIw6eQG8a/d4=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3958
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 07:55:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3958
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 07:55:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3958
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 07:55:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3958
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 07:55:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1eab8da8cc1495a0221efadddd1a0bcc
4156c37b612d5fb99c6b061187a3cb0b314ae4a8
2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:15 GMT
age: 35059
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 35286
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 12158
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd24d050-0f4e-43ea-b109-09eb13cf70e5.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd24d050-0f4e-43ea-b109-09eb13cf70e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d540596f820baceec10c6f88915b4b31
a0446558f4fb73d9f0ef044f19c901f8da94583e
26a61b39202e89bf8a92401ba9c3f04c3891ab96350fb6e9584ae8049824d605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd24d050-0f4e-43ea-b109-09eb13cf70e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6984
x-amzn-requestid: ec7457c0-b12b-4d17-b8ed-0c94d0c2ffda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y1-EWzIAMF7nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-4403cf134c3da3fc3c5dcc48;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1-TYuqDumtvV9U1bfgBkD1RA7w0T0p8w5g_CGb-t_nE3Bq2JtXM2kg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:09:45 GMT
age: 35149
etag: "a0446558f4fb73d9f0ef044f19c901f8da94583e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 35048
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 35047
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
insuringfla.com/
200 OK 25 kB IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26341)
Hash 3569744c5f242e16789d1c13d82d5ed3
e595c9dc65e349852110cf3d7a0dff5861b7d207
f5de46007a092c00bcd710176c402cb368dcd38936afc4d4e9c98d76cfbade29
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
link: <https://insuringfla.com/wp-json/>; rel="https://api.w.org/", <https://insuringfla.com/wp-json/wp/v2/pages/309>; rel="alternate"; type="application/json", <https://insuringfla.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: br
content-length: 24913
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 07:55:33 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/et-cache/309/et-divi-dynamic-309-late.css?ver=1663338112
200 OK 961 B URL HTTP/2 insuringfla.com/wp-content/et-cache/309/et-divi-dynamic-309-late.css?ver=1663338112
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4768)
Hash 668ee1e3dde9b56d09b6b09b2212938b
41b79c7facda81497864a6b5765dd8039778e7fd
975c78f34a2fed618e687dbdabeaf3f6e4fb38669d21980b7170270573496a76
GET /wp-content/et-cache/309/et-divi-dynamic-309-late.css?ver=1663338112 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Sep 2022 14:21:52 GMT
etag: "1820de3-1510-5e8cc155a4b55-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 961
content-type: text/css
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.7
200 OK 340 B URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3860), with no line terminators
Hash 08ecbbd9a4a0f7977713dc51870bbf31
50cfb84b45d20b37b2de3f570a4121de500d7396
7baff0f1f2b26e248dce62c5367da8a4f4f6ff6ee5828c8d00f8825e0f0b7468
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "248184c-f14-5e94899c6bbb6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 340
content-type: text/css
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.7
200 OK 1.0 kB URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (8407), with no line terminators
Hash 6c9fc3db1073dc79f6d72b9a54520863
7cb1600a4760366dcd635de2c8278cf66314a2ee
b14a9f4389fbca7903a35db3342368d9421121ffbea6c78eb13ae99a5cec0ae1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "2481843-20d7-5e94899c6b7ce-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1049
content-type: text/css
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.7
200 OK 12 kB URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash dc2f9a65b5e717fce79836c44781ebf0
7428dfe66d25251ab430290244b581aa6c2d3de7
80e725bceb250f41cb9be26c80193e2f705bd3dbef80ccc2de471bb5248fcae0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "2481849-13aba-5e94899c6bbb6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11667
content-type: text/css
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.7
200 OK 3.2 kB URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30749), with no line terminators
Hash 72afcee797bcb152db30ea4fbadbf971
a64925bf3f4c166e02b3fe803da1094032a5c239
2589840896fc6fc2ba4f7202aac444af3b86117551e48c816477c7823423b21e
GET /wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "2481852-781d-5e94899c6bbb6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3197
content-type: text/css
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.7
200 OK 882 B URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1840), with no line terminators
Hash ae47d446cb8ff663a0afe71046841b7e
10cec1629ee2d7e66ec6e71e4f727c57b52d86f5
2c38bf5ad105b3244ef5550eb9c073215e51d57e9d1edf6ff065b89ceca5b175
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "24a07c9-730-5e94899c6cf3e-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 882
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.0 kB URL HTTP/2 insuringfla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "1862334-2bd8-5b45debe27b80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3998
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1663337979
200 OK 695 B URL HTTP/2 insuringfla.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1663337979
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1899), with no line terminators
Hash 224dae65437a455907a8bb2e7c6c2ba6
dbee500e74baa9a516f7b3550e0dc3e9fedc4190
4409af9d02060dfda4375e9af495fd14e6ba670de7099fead1fd49f1444d1039
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1663337979 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Sep 2022 14:19:39 GMT
etag: "1820de0-76b-5e8cc0d6df842-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 695
content-type: text/css
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 30 kB URL HTTP/2 insuringfla.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash d5935cacfd471ce64891335a0e163f0f
883b406801168b978994e8d8c7f252a31321cf61
caea13ed31fcdedf7f54e2383e8a64c1d86d6767c11f227c046ab2952a7d3ce9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: "186233c-15db1-5bd3006388300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 30310
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.7
200 OK 13 kB URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (44329), with no line terminators
Hash 061ae77d800c869d12b540164991c84b
227e0a2949b1a6c6f2b8a90451f267d1d568f304
5559cea50ab14d0253be285840fd570fe5a9ab18ac3f3e849283e10d79b96a8d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "24a07d6-ad29-5e94899c6d326-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 12822
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5
200 OK 551 B URL HTTP/2 insuringfla.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1222)
Hash 0abbaff5cf80978ed6e99950ac07225a
5745e028541a7e9567cfb88f8bdc91689868d430
5cbbc0e4e5a9b719271d792272cb9dec9f89f206be14d0bd23cbc100a2327150
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 May 2021 00:17:06 GMT
etag: "18018d1-4e9-5c344ade1c480-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 551
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 2.3 kB URL HTTP/2 insuringfla.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6494), with no line terminators
Hash 64fcbf4f0f2ff0fdbd1d0357d9b14c80
695b5047aebad8d9758b4035904f9355712c2d07
a39e9a026574d6cdc79847f959710a17772a18d8cde300126e7b53b4134669ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
etag: "1a02a70-195e-5d0d6649ad240-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2334
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6
200 OK 1.1 kB URL HTTP/2 insuringfla.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (3033)
Hash 60abf48dbfa544945a43e2990f6d701c
a3783207b476fd37f835818973ce01bf1ced130e
84bd1f433f29a6ab02bb4b222f5eedae8b1c8d8191c8dc9f94e0c2c44a76558c
GET /wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
etag: "18018ad-bfd-5d0d3402e3440-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1069
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
200 OK 3.8 kB URL HTTP/2 insuringfla.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 2aa0b83248ad5588d6726f678ee44a06
11abf5704cac01059784ca06c34c535b77421a35
7de2be1d0c5c3b70a570bfa96a0826bb0b51d267f658debf4343a26c16c4b4ff
GET /wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
etag: "18018e7-28a7-5d0d3402e3440-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3814
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.7
200 OK 1.6 kB URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4610)
Hash e4fcebbec92b84d43e700d5ae6c71651
20be94200acec1130fa8ac9abd0c6d092e264392
f406008340075735432193aa32121cc81f000532bec595f1431b101abc23daa0
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "24a07ec-121f-5e94899c6daf6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1604
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
insuringfla.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 6.8 kB URL HTTP/2 insuringfla.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash 8aa9a8a4750b4f0fb7aec238b2ece3c1
2a1295b876aeab755668b714113edef08b989d08
d3da0b21783538c746068229d435e5cc29bd726c9450f349c8699d7307669bc0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
etag: "1a02a80-4b3d-5d0d3402e3440-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6826
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.3
200 OK 490 B URL HTTP/2 insuringfla.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.3
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash ee17d99496ac4821e1587463b0a885ef
517237695d013cfd58c436443b1e3c4279cbb3e5
609ad33eeffca0d77419ac5f83bc391a27db80b25f57512886d4a46b96271b70
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.3 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Apr 2022 18:58:52 GMT
etag: "1be19cf-53f-5dd9348a11300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 490
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/uploads/2016/10/69980756-florida-health-insurance-renew-white_03h01903h011000004.png
200 OK 3.0 kB URL HTTP/2 insuringfla.com/wp-content/uploads/2016/10/69980756-florida-health-insurance-renew-white_03h01903h011000004.png
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 125 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash d2cf11bb298d707e75a6bc74484a22d5
9f4044ec791c5fa548caa883faf69949a871f88f
2431ae1b38c15bf56aad26d9aed58c949ff7653c0f59e5480e7cf8190160cf59
GET /wp-content/uploads/2016/10/69980756-florida-health-insurance-renew-white_03h01903h011000004.png HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Oct 2016 10:43:53 GMT
etag: "25c1b25-bd1-53ea8ab4e0c40"
accept-ranges: bytes
content-length: 3025
content-type: image/png
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.7
200 OK 1.7 kB URL HTTP/2 insuringfla.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.7
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4210), with no line terminators
Hash 700e38086a580407f004f9d300cc4a3f
2554cae4504dc91b1e39d69d81527a93937b9248
262adb9690952026e01bb2971e71feb9c4d79770bac2b24663a7222a87a7aa94
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.7 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 18:55:10 GMT
etag: "24a07be-1072-5e94899c6cb56-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1717
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
200 OK 1.8 kB URL HTTP/2 insuringfla.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5655)
Hash 1d248bbbb64e1cdc59d315f8c181b857
b5575c7ff4f354f0293358fca63bd8bfad79041f
1e40fb36abd7a987a1f4758089403f2779a9231dcb140df685d25bdc456a8c20
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
etag: "18018e3-163a-5d0d3402e3440-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1782
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yourlowquote.com/wp-content/uploads/2016/09/8b326ad5-florida-health-insurance-renew.png
200 OK 8.0 kB URL HTTP/2 yourlowquote.com/wp-content/uploads/2016/09/8b326ad5-florida-health-insurance-renew.png
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 336 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 20ef5709964d87331738a0f0e308692b
dcf76dcfee73de6c4d705bd7e040c03efec0b786
d3a53a04f007f2d8929fcc3ba47f7013f2ece8921957a73ff9d98119200138d5
GET /wp-content/uploads/2016/09/8b326ad5-florida-health-insurance-renew.png HTTP/1.1
Host: yourlowquote.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 27 Sep 2016 12:39:38 GMT
etag: "27c0e12-1f55-53d7c89a3b680"
accept-ranges: bytes
content-length: 8021
content-type: image/png
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-T3P7G8
200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T3P7G8
IP
File type ASCII text, with very long lines (4936)
Hash c09e184afca15434c77792c06e4b5047
a910a3c457c30b7cdd3249aabf3693935f0070b8
33ae2a561db912a5653ada35d2c8a852e53075082135f2c672f2498c2a1b8710
GET /gtm.js?id=GTM-T3P7G8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 07:55:35 GMT
expires: Fri, 23 Sep 2022 07:55:35 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2
200 OK 56 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 56348, version 1.0\012- data
Hash 441a81103fda7f9c3b41cffd77d8c65c
3a2d883b3fc09a347376088e206f5e0fd17aab72
52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4i.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://insuringfla.com
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 56348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:53:50 GMT
expires: Tue, 19 Sep 2023 18:53:50 GMT
cache-control: public, max-age=31536000
age: 306105
last-modified: Mon, 15 Aug 2022 18:12:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2
200 OK 55 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 54576, version 1.0\012- data
Hash 85cb2c73cbeffb7cb359827c68b20e91
a89fb47d4a581c6e2e3cc622f3410d0d9fe9d6a4
bba8d203d019c6f11367d6279cdeb0efbc5895b75dfa68a008686d22194e8d67
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4i.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://insuringfla.com
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 54576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:53:50 GMT
expires: Tue, 19 Sep 2023 18:53:50 GMT
cache-control: public, max-age=31536000
age: 306105
last-modified: Mon, 15 Aug 2022 18:16:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
insuringfla.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.17.3
200 OK 57 kB URL HTTP/2 insuringfla.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.17.3
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65467)
Hash 87ba7c925ed2c8024ff5fadcdf6ab2a2
51465c9c5dcc4070153b57f677cbade4a3f22261
bde25af2ba357dc499fc77fd3009bbdbb1c69091777f83c6ef5458e46966ced1
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.17.3 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Apr 2022 18:58:52 GMT
etag: "18429e2-42cce-5dd9348a11300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 56918
content-type: application/javascript
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
File type ASCII text, with very long lines (32065)
Hash 6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:21:06 GMT
expires: Tue, 19 Sep 2023 20:21:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 300870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
insuringfla.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
200 OK 36 kB URL HTTP/2 insuringfla.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash 9dad0aa94f2545b721f81541b60fb879
2080e5261d6cb799690c3d099e4c730361e8f333
1e2835821a64834c924c1df23cdd9b3f2b242deceae4a4dcbb569b86e70d07e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/wp-content/et-cache/309/et-divi-dynamic-309-late.css?ver=1663338112
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Apr 2022 18:58:52 GMT
etag: "1c40cad-168f0-5dd9348a11300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 36317
content-type: font/ttf
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-content/et-cache/309/et-divi-dynamic-309-late.css
200 OK 961 B URL HTTP/2 insuringfla.com/wp-content/et-cache/309/et-divi-dynamic-309-late.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4768)
Hash 668ee1e3dde9b56d09b6b09b2212938b
41b79c7facda81497864a6b5765dd8039778e7fd
975c78f34a2fed618e687dbdabeaf3f6e4fb38669d21980b7170270573496a76
GET /wp-content/et-cache/309/et-divi-dynamic-309-late.css HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Sep 2022 14:21:52 GMT
etag: "1820de3-1510-5e8cc155a4b55-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 961
content-type: text/css
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.0/jquery.mask.min.js
200 OK 2.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.0/jquery.mask.min.js
IP
File type ASCII text, with very long lines (532)
Hash c733180c857b5e80f8efdb0cef960fe8
185d1e1af6afd2ad90be9be6e1c0a7641561c443
26340ad563e459757a5b66abd966b61f33d96e732c095bf1c89ebc42e8b14cc9
GET /ajax/libs/jquery.mask/1.14.0/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 07:55:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 2384
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-18ae"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 728285
expires: Wed, 13 Sep 2023 07:55:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVCBQZVV90wIpIeYVM4k1nRH1FN1WekYEI5soOcliEh0Yk4aBPn2MFa0%2BFpKZSppo9MPTxz5FDvCSTMmzZa%2B3IjNi58EjafazF9PzpoR3RR24qqypK2WQvoAZFGo32WDT4b6otv3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f1b80f5f93b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
200 OK 10 kB URL HTTP/2 insuringfla.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (39791)
Hash fa010c5c4f35423b2ee713efc7a10726
70d72cf774bdfd56b3ada4f5f1daf58c32e5b3a8
c2dcf4191030910e4a285d074e16fc98848d3cf32744c23a110f90a9bcdb43f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
etag: "b43257-145db-5db6ddf21b640-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10546
content-type: text/css
date: Fri, 23 Sep 2022 07:55:36 GMT
server: Apache
X-Firefox-Spdy: h2
yourlowquote.com/wp-content/uploads/2016/09/FLA-1.png
200 OK 127 kB URL HTTP/2 yourlowquote.com/wp-content/uploads/2016/09/FLA-1.png
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 500 x 476, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (126581 bytes)
Hash 2b3332b3d1de18bf13a8213ea9b715fa
baa19b5ac1484c1f4e120fab615fe4af4c047f7c
6c977ec06dc886a66f20babd2e483377b70646661e2f70d83173a6cb7a1156e3
GET /wp-content/uploads/2016/09/FLA-1.png HTTP/1.1
Host: yourlowquote.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 27 Sep 2016 14:21:16 GMT
etag: "27c0e20-1ee75-53d7df51bcf00"
accept-ranges: bytes
content-length: 126581
content-type: image/png
date: Fri, 23 Sep 2022 07:55:35 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 088fd54c49c3761d7537bd8ceadf8af4
c450a99446fadeaa81f2426367b7d200d11ef67d
9e171b74ae7c3f96a03cf14f423b05ab0ad7329844061b9200d81f6bc381a561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3770
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:36 GMT
Last-Modified: Fri, 23 Sep 2022 06:52:46 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 23 Sep 2022 06:41:09 GMT
expires: Fri, 23 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 4467
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: l3rvw2bm/H8/saR/PdOC6npd+etmkEcgFPp053ZQmZ8q7zfb0kPZJMY6AdCB8tC/xFXzCn7kPZJ4I7zaMkmzZA==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Fri, 23 Sep 2022 07:55:36 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=849507407&t=pageview&_s=1&dl=https%3A%2F%2Finsuringfla.com%2F&ul=en-us&de=UTF-8&dt=Health%20Insurance%20%7C%20Insuring%20FLA&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAAABAAAAAC~&jid=3723209&gjid=686264182&cid=415991316.1663919736&tid=UA-85523286-1&_gid=1584288581.1663919736&_r=1>m=2wg9l0T3P7G8&z=1965297560
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=849507407&t=pageview&_s=1&dl=https%3A%2F%2Finsuringfla.com%2F&ul=en-us&de=UTF-8&dt=Health%20Insurance%20%7C%20Insuring%20FLA&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAAABAAAAAC~&jid=3723209&gjid=686264182&cid=415991316.1663919736&tid=UA-85523286-1&_gid=1584288581.1663919736&_r=1>m=2wg9l0T3P7G8&z=1965297560
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&a=849507407&t=pageview&_s=1&dl=https%3A%2F%2Finsuringfla.com%2F&ul=en-us&de=UTF-8&dt=Health%20Insurance%20%7C%20Insuring%20FLA&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAAABAAAAAC~&jid=3723209&gjid=686264182&cid=415991316.1663919736&tid=UA-85523286-1&_gid=1584288581.1663919736&_r=1>m=2wg9l0T3P7G8&z=1965297560 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://insuringfla.com
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://insuringfla.com
date: Fri, 23 Sep 2022 07:55:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 088fd54c49c3761d7537bd8ceadf8af4
c450a99446fadeaa81f2426367b7d200d11ef67d
9e171b74ae7c3f96a03cf14f423b05ab0ad7329844061b9200d81f6bc381a561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3770
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 07:55:36 GMT
Last-Modified: Fri, 23 Sep 2022 06:52:46 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
yourlowquote.com/wp-content/uploads/2016/09/223d0a20-insuring-florida-renew-obama-health-care-2.jpg
200 OK 164 kB URL HTTP/2 yourlowquote.com/wp-content/uploads/2016/09/223d0a20-insuring-florida-renew-obama-health-care-2.jpg
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1200, components 3\012- data
Size 164 kB (163951 bytes)
Hash 98eb21578d3ff1690e00cadde1886159
c40f671e732fa3600a4736b008b1be6fc8927f2a
0a3b95e46545b02d49e07acbb3a3e247dd1434f86f270816c63006be2dc7f2e2
GET /wp-content/uploads/2016/09/223d0a20-insuring-florida-renew-obama-health-care-2.jpg HTTP/1.1
Host: yourlowquote.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Sep 2016 12:42:16 GMT
etag: "27c0e00-2806f-53d7c930e9a00"
accept-ranges: bytes
content-length: 163951
content-type: image/jpeg
date: Fri, 23 Sep 2022 07:55:36 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=149595078982817&ev=PageView&dl=https%3A%2F%2Finsuringfla.com%2F&rl=&if=false&ts=1663919736265&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663919736264.1088887189&it=1663919736012&coo=false&rqm=GET
200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=149595078982817&ev=PageView&dl=https%3A%2F%2Finsuringfla.com%2F&rl=&if=false&ts=1663919736265&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663919736264.1088887189&it=1663919736012&coo=false&rqm=GET
IP
File type gzip compressed data, from Unix\012- data
Hash 28cc6e70fc3d0d3e844a21ccee67e326
2f8c18c6a8c7e1cc23c3ade7103671de5d8d8ffc
c11e21e66d1be5dcdce3fb320512063065829dcb4d84603e2dc3d102aae45ead
GET /tr/?id=149595078982817&ev=PageView&dl=https%3A%2F%2Finsuringfla.com%2F&rl=&if=false&ts=1663919736265&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663919736264.1088887189&it=1663919736012&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 23 Sep 2022 07:55:36 GMT
X-Firefox-Spdy: h2
insuringfla.com/favicon.ico
302 Found 1 B URL HTTP/2 insuringfla.com/favicon.ico
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /favicon.ico HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://insuringfla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
x-powered-by: PHP/7.3.33
link: <https://insuringfla.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://insuringfla.com/wp-includes/images/w-logo-blue-white-bg.png
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 07:55:36 GMT
server: Apache
X-Firefox-Spdy: h2
insuringfla.com/wp-includes/images/w-logo-blue-white-bg.png
200 OK 4.1 kB URL HTTP/2 insuringfla.com/wp-includes/images/w-logo-blue-white-bg.png
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: insuringfla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://insuringfla.com/
Connection: keep-alive
Cookie: _ga=GA1.2.415991316.1663919736; _gid=GA1.2.1584288581.1663919736; _gat_UA-85523286-1=1; _fbp=fb.1.1663919736264.1088887189
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
etag: "b22195-1017-5d0dca9a37e40"
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Fri, 23 Sep 2022 07:55:37 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 634db5bfe2b27e608c3f3518b0c44ebb
06f5f63e681d711bd68626805c5dd2b902ebf9cf
935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13000
x-amzn-requestid: 0658a29b-3c96-431c-ab00-952ab7365e1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioLNHd1oAMFkbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420ad-488015441a19070348de1398;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vhg1m3Tpmoo68IBbutFCvjCLD6iBW3YWysB7hA837CwDK3DSSFp_KA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 09:35:19 GMT
age: 80422
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
216.69.170.151
23.36.76.226
157.240.200.35
104.17.24.14
93.184.220.29