gnhomefinish.com/cbm88g.rar
216.152.143.240 301 Moved Permanently 178 B URL HTTP/1.1 gnhomefinish.com/cbm88g.rar
IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET /cbm88g.rar HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 05 Nov 2022 10:24:50 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gnhomefinish.com/cbm88g.rar
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2733
Expires: Sat, 05 Nov 2022 11:10:23 GMT
Date: Sat, 05 Nov 2022 10:24:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5899
Cache-Control: max-age=89074
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:50 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 11:09:24 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2271
Expires: Sat, 05 Nov 2022 11:02:41 GMT
Date: Sat, 05 Nov 2022 10:24:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IuCS2SkwbEMP/KnZn3Xe3Hb9lkSH+bsNZ90hH0t4Y1pLKDAjbZJsdOdNh7gPdqz0ChMqyP+voIYgqu5M36Jfmw==
x-amz-request-id: 5E70RMGA99RJSXXA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 10:10:00 GMT
age: 890
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 10:24:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85b0d072a9c1e02ddd37eec06ddb2e67
ec5e2cc53792187866a51a683b54f46c23927917
a7bffaf2cd20beff0ffc4c2d1f6a46cde300e7cc6dc15b9a7a405d8f2a002eee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7BFFAF2CD20BEFF0FFC4C2D1F6A46CDE300E7CC6DC15B9A7A405D8F2A002EEE"
Last-Modified: Fri, 04 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Sat, 05 Nov 2022 16:24:14 GMT
Date: Sat, 05 Nov 2022 10:24:51 GMT
Connection: keep-alive
gnhomefinish.com/cbm88g.rar
216.152.143.240 302 Found 0 B URL HTTP/1.1 gnhomefinish.com/cbm88g.rar
IP 216.152.143.240:0
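Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they match every empty response and are not usable as indicators for this URL.)
Analyzer Verdict Alert fortinet Malware
(With an empty body, this verdict presumably reflects the URL or host rather than the response content.)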
GET /cbm88g.rar HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://gnhomefinish.com
Vary: Accept-Encoding
X-Varnish: 230622230 230559726
Age: 5
Via: 1.1 varnish (Varnish/5.2)
gnhomefinish.com/
216.152.143.240 200 OK 7.5 kB IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1236), with CRLF, LF line terminators
Hash 67aba6aafdb1bcfdb1c83e3b87e5356c
ffc0dca05a6fa1eaab97382347f069bdfd6aee5a
538c83f7c2eafd6c50535198a5b242c28c3e1f057f633e79d8cb71b31ae4dc41
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7468
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 257616441
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2656
Cache-Control: max-age=167172
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:51 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 08:51:03 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
142.250.74.138 200 OK 7.3 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP 142.250.74.138:0
File type ASCII text, with very long lines (28290)
Hash 29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012
GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 15:20:35 GMT
expires: Wed, 01 Nov 2023 15:20:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
age: 327856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnhomefinish.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
216.152.143.240 200 OK 52 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
IP 216.152.143.240:0
Hash 523a9fd0cd04a6b9ab344d3806a3ad6c
7979ffd3de539aab3fd179b41c5701c723bf10dc
d77e4d0e8d5a660cdc2543d59a7d814c5485615acb7cbf5c86a2349836afe392
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1 HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: text/css
Content-Length: 52306
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 01:16:40 GMT
ETag: "6fbfe-5ea53720d3601-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 230622243
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
push.services.mozilla.com/
44.242.3.166 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
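Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of the WebSocket upgrade; they match every empty response and are not usable as indicators.)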
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H6wN2KR5LcXXGQUDjynA3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7PEXs4I/iw9N3e4LlMu8mLMihgo=
gnhomefinish.com/wp-content/themes/beacon-easton/js/min/theme-plugins-min.js
216.152.143.240 200 OK 23 kB URL HTTP/1.1 gnhomefinish.com/wp-content/themes/beacon-easton/js/min/theme-plugins-min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (31956)
Hash 20bfd63ec0482fcd8f5593e4172f5a91
fb4506839def74a1b7b8d24e806df068ebc5b4ea
ce0751118027f75c01a4e1d44514d0fe4b3833c7335801c61978b39c8fc4fc99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/beacon-easton/js/min/theme-plugins-min.js HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Content-Length: 23216
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:25 GMT
ETag: "17376-5a7d7dcad7624-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 698123460
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
216.152.143.240 200 OK 465 B URL HTTP/1.1 gnhomefinish.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1164), with no line terminators
Hash ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "48c-5d727b3527792-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 257683861
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/cms_custom_css.php?ver=248_11
216.152.143.240 200 OK 5.1 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/cms_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type ASCII text, with very long lines (318)
Hash 3259ee0c3ce0a01518f90ef01a8d498e
08b4d02d761bf9666dc048f892c0a7d9aeaaa7b7
339ef8e684dcf00f5698e2ebf587f7bf820028ccfe70b64f206b276c7b8dbac6
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 5059
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 230622261
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/cms_theme_custom_css.php?ver=248_11
216.152.143.240 200 OK 4.1 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type assembler source, ASCII text
Hash 01b90411def74a0925c67443b862ab18
36f871010dc8a9af6d3192875308793d01acb6be
738e2fe25340c01b291b19d8a324d680aec37638a2b51c7a2c101ca8500ea2f3
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 4089
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 447203990
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/wp-includes/js/underscore.min.js?ver=1.8.3
216.152.143.240 200 OK 5.8 kB URL HTTP/1.1 gnhomefinish.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 216.152.143.240:0
File type ASCII text, with very long lines (16194)
Hash 0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:32 GMT
ETag: "401a-59379a2a64404-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 230688866
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js
216.152.143.240 200 OK 2.4 kB URL HTTP/1.1 gnhomefinish.com/wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (10443), with no line terminators
Hash 9fc421dfc60dcf4397481c1134b140e3
505dae58ea97c8cb8ced7e7fae55db7d3666a144
ef37883dc6ae806194145f521dd3c6b02221e04c3d3ebdc0ab3e4e604419efb6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Content-Length: 2405
Connection: keep-alive
Last-Modified: Thu, 09 Sep 2021 00:06:15 GMT
ETag: "28cb-5cb84c46ef2c0-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 447203993
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/js/internal/beacon-lazy-load.min.js
216.152.143.240 200 OK 1.5 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/js/internal/beacon-lazy-load.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (711)
Hash 2d8efb282dc94590ef8e29cce1999c3e
a789f740b749b873e23bdf2de83bde7a04a5e89b
8ff9c2939ed58514693157d95935fcb312c08aa221300f4c01b0bbf0cc6e68db
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/js/internal/beacon-lazy-load.min.js HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Content-Length: 1511
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "e96-5c189ea4b2d4d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 257832640
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
216.152.143.240 200 OK 517 B URL HTTP/1.1 gnhomefinish.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1015), with no line terminators
Hash 09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "3f7-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 697970366
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js
216.152.143.240 200 OK 2.1 kB URL HTTP/1.1 gnhomefinish.com/wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (2945)
Hash b090b8d374acdea0535eb0e08b1183fa
d8b4e3448ab0fb902ad5866a2965f63f72126de9
1c5b635bccee37b9e2e8ee5b2c730b0759c6ea249b5635aaa1b9eebc524a3a0b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Content-Length: 2063
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "1a05-5c189ea479b33-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 447234841
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/js/external/scripts.js
216.152.143.240 200 OK 121 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/js/external/scripts.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (32077)
Size 121 kB (120679 bytes)
Hash 2b2400ce27b4d1d8ceca82bed3e8bad2
2ebaca6538cccffd5a042f53e46a18b2133acb9a
bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "634a9-5c189ea4b2d4d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 257832634
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/img/lazy-load-placeholder.png
216.152.143.240 200 OK 1.2 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/img/lazy-load-placeholder.png
IP 216.152.143.240:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash da4a5f76c26dbfec59eb5fe8203260b6
4eaa1177c496eee6f870521341cd085ee01755a9
ce132516a708f2d42cff5f86b734d76e9b6da3066d399f0143ddd6d4c1c39e3c
GET /cms_websites/img/lazy-load-placeholder.png HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/png
Content-Length: 1202
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "4b2-5c189ea4b0e0d"
Vary: Accept-Encoding
X-Varnish: 257832657
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/files/2021/12/LOGO-GN-HFI-TRANSPARENTE-300x99.png
216.152.143.240 200 OK 11 kB URL HTTP/1.1 gnhomefinish.com/files/2021/12/LOGO-GN-HFI-TRANSPARENTE-300x99.png
IP 216.152.143.240:0
File type PNG image data, 300 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash ba4c2249bc2948e3397a5ee6da900dc1
f7484aa082b043d8a5cf5000fc3de29c3142b2c3
7691be928032c52eb1774e4dea26fea10951004c904182006f17437670f61523
GET /files/2021/12/LOGO-GN-HFI-TRANSPARENTE-300x99.png HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/png
Content-Length: 11331
Connection: keep-alive
Last-Modified: Mon, 13 Dec 2021 22:21:18 GMT
ETag: "b76891cf6b279c4d287e6cac0366afb8"
Expires: Mon, 05 Jan 2026 20:11:32 GMT
Vary: Accept-Encoding
X-Varnish: 697925194
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gnhomefinish.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 17:10:21 GMT
expires: Wed, 01 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 321271
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.195 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gnhomefinish.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 17:10:21 GMT
expires: Wed, 01 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 321271
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnhomefinish.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
216.152.143.240 200 OK 1.1 kB URL HTTP/1.1 gnhomefinish.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP 216.152.143.240:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 2a07edce0f76003d12f3693e7f62edc2
661766632e5fa48d967f8ed7ae8c0df2a4dead06
039a26881ec489fa598d5cc7b46025fc32b0f2c963f8fd904bf48799af646eb7
GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 257554653
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/css/dist/assets/img/loading.gif
216.152.143.240 200 OK 8.8 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/css/dist/assets/img/loading.gif
IP 216.152.143.240:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash f2fb2dede72a9575693bbb029a02c93f
5ba7daa929545eb8c57fd135584c1da88b16aaba
86a9c0085849080f88d7c027d257020714db2059bc9d6a3cbea01e82d98911cb
GET /cms_websites/css/dist/assets/img/loading.gif HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/gif
Content-Length: 8787
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:43 GMT
ETag: "2253-5e8acea235007"
Vary: Accept-Encoding
X-Varnish: 257683878
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
216.58.207.195 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gnhomefinish.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:29:12 GMT
expires: Fri, 03 Nov 2023 21:29:12 GMT
cache-control: public, max-age=31536000
age: 132940
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnhomefinish.com/wp-content/themes/beacon-easton/img/transparent.png?w=1440&h=810&a=t&ct=1
216.152.143.240 200 OK 16 kB URL HTTP/1.1 gnhomefinish.com/wp-content/themes/beacon-easton/img/transparent.png?w=1440&h=810&a=t&ct=1
IP 216.152.143.240:0
File type PNG image data, 1440 x 810, 8-bit/color RGBA, non-interlaced\012- data
Hash b6efdd13b4d959374c70586f1bad17a1
f8e4855c87e05b6c98fbd26fc139a1bd9ee0905d
53d53494c3ac89c9c3dc151b3cb0b20385b3df3432207635ab5043dd5f1e5507
GET /wp-content/themes/beacon-easton/img/transparent.png?w=1440&h=810&a=t&ct=1 HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/png
Content-Length: 16464
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 697942350
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnhomefinish.com/cms_websites/css/dist/assets/fonts/bcn-icons/tsi-cms.ttf?jqz9p7
216.152.143.240 200 OK 15 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/css/dist/assets/fonts/bcn-icons/tsi-cms.ttf?jqz9p7
IP 216.152.143.240:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Hash 8502d84e441c2414f9d57278b37ca913
99aa2bb2ae83c276e2c87730bcc91a7a91f94b2d
90894ec30080285112af7874edd528fe7fef8326ff32c7551d756fc444d3dc92
Analyzer Verdict Alert fortinet Malware
GET /cms_websites/css/dist/assets/fonts/bcn-icons/tsi-cms.ttf?jqz9p7 HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: application/font-sfnt
Content-Length: 15128
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:45 GMT
ETag: "3b18-5e8acea36f0e7"
Vary: Accept-Encoding
X-Varnish: 697970406
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
142.250.74.10 200 OK 7.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP 142.250.74.10:0
Hash 924c8981336bdc5142a7a5366c628c45
594b8128efcf57a8451f417fb6b9b62e48f79d3c
934670d7fb931c18f06e10034b7ae332e149a8e060eee24d300dbd7fb466346f
GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 10:24:51 GMT
date: Sat, 05 Nov 2022 10:24:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnhomefinish.com/files/2021/12/gn1.jpg?w=316&h=316&a=t
216.152.143.240 200 OK 27 kB URL HTTP/1.1 gnhomefinish.com/files/2021/12/gn1.jpg?w=316&h=316&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 316x316, components 3\012- data
Hash c4394ca2e80b043011283d34a3b15c5f
7e81af46fd7e080c8e9dd4a3a00d890f24e8ef54
6785bc04d28e60ba11f3b0a4772e1318e845e78cde93211a1c9f03f1b4049db2
GET /files/2021/12/gn1.jpg?w=316&h=316&a=t HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 27256
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 697942359
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/files/2021/12/gn3.jpg?w=316&h=316&a=t
216.152.143.240 200 OK 23 kB URL HTTP/1.1 gnhomefinish.com/files/2021/12/gn3.jpg?w=316&h=316&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 316x316, components 3\012- data
Hash 417963a54fa658c517353d06247ef1c9
0c7df4753996bc77c931b7adc0c2b7df7b3dd53a
f0896e3571ff64c8cf5a295701a9c9f66dbaac973c4da0c08db0032d79172214
GET /files/2021/12/gn3.jpg?w=316&h=316&a=t HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 22709
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 230688885
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/files/2021/12/gn2.jpg?w=316&h=316&a=t
216.152.143.240 200 OK 36 kB URL HTTP/1.1 gnhomefinish.com/files/2021/12/gn2.jpg?w=316&h=316&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 316x316, components 3\012- data
Hash 66d9429f32f1e5591c3326aedd18b458
04edf32257e80f46e6466b8ffec0ef5888554468
2eb74edb8bea86a84cd3fb03ad18b472fc8199b1e0d51286fa90fdee69a2e2ef
GET /files/2021/12/gn2.jpg?w=316&h=316&a=t HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 35989
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 257832675
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5717
Expires: Sat, 05 Nov 2022 12:00:09 GMT
Date: Sat, 05 Nov 2022 10:24:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5717
Expires: Sat, 05 Nov 2022 12:00:09 GMT
Date: Sat, 05 Nov 2022 10:24:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5717
Expires: Sat, 05 Nov 2022 12:00:09 GMT
Date: Sat, 05 Nov 2022 10:24:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5717
Expires: Sat, 05 Nov 2022 12:00:09 GMT
Date: Sat, 05 Nov 2022 10:24:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f787d03ccf6f14f05b9fb00149a92f49
0d3c7535f83ced168b1efb0f849e353de31d40db
bda8d5d8dee8c1b3b9a0dd81407bc920a3a2a737dceaaebf75e8554ef1cdcec8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: 971369d4-3728-4fef-9d82-794fd184d26d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0S3FbeIAMFceg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643412-0efd014e4b25ed9c4aed13cb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZPGScUHAZtgr_egNkJ2bOzK_ftHSd0Yr1U_S7jYUelg56FCtTOC2TA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:53:09 GMT
age: 45103
etag: "0d3c7535f83ced168b1efb0f849e353de31d40db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 20:21:33 GMT
age: 50599
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SjV-J5oBG_0qHy-SE7_K9kj_MMjAee4JZva3thJf8On3ejAA1n1tfg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:53:04 GMT
age: 45108
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee20d59c5ac266f8eb9c47057271a10
61dc4e78907f114519ff3fdd3c806b36557ab744
2cba117cfe96fa5e1b53981f98d42eb3e5f956083c3435a1d44d1d40784614bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11427
x-amzn-requestid: 0dcc7ef4-d7fa-492e-8ddf-4342b4bc44e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHxJGJZoAMFWlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365866d-7c3de2ed509a640f37c52843;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gAHLlJ0JzB6TfEUNw_sCNmrjMK-EX1hZbCY34i99xQok7R-wvcpqug==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:59:04 GMT
age: 44748
etag: "61dc4e78907f114519ff3fdd3c806b36557ab744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 308da46611df43543d31ca502986bea2
0bf4de356c3a64785fe116161cb931b3b2476f5d
63996962e2763dcf2e0ae5e43aa12dfd8f8677082bb1cdf63528dfd00404f3e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7619
x-amzn-requestid: 67308248-e660-4294-aafe-5f178970f822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcHHfIAMFyGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-5b1ee875554a05eb1e8a6f16;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qn6QTO-5bR2vT6wtmHT2zVZX556_FUz6ImAWK3O8hc8xSJ9XmNM96w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:48:46 GMT
age: 45366
etag: "0bf4de356c3a64785fe116161cb931b3b2476f5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb68c0e1f-9b4b-402d-adfb-63432679006f.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb68c0e1f-9b4b-402d-adfb-63432679006f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67e74cf7d9a4e6049faf9397c2622535
0bbd0adfc82650ad86e4b01345f2278a7201b01c
9aec0c1a5d04337c3919a12c75d76134c2c37d3e16766e3240afea78d588aaee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb68c0e1f-9b4b-402d-adfb-63432679006f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8618
x-amzn-requestid: 55cf973c-4d66-49af-9492-f5c04a7ff380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiZH4QoAMF2yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0f-167585190373891f6ad19e08;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6ReskNjF6L1w_T65XySf6bieICOEqjxHnyCpmD4aWU5xDzW8Yvqgzw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 12:00:31 GMT
age: 80661
etag: "0bbd0adfc82650ad86e4b01345f2278a7201b01c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gnhomefinish.com/files/2021/12/gn4.jpg?w=316&h=316&a=t
216.152.143.240 200 OK 34 kB URL HTTP/1.1 gnhomefinish.com/files/2021/12/gn4.jpg?w=316&h=316&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 316x316, components 3\012- data
Hash 823e8cacd5636fde500dd543ddbd95f0
15f27dd731403a0440a172ea08c93566d10f6aa8
639b1f891a051e8274bd1ee48131a6904c417ccebf02967a1ac2dd8e2a412e18
GET /files/2021/12/gn4.jpg?w=316&h=316&a=t HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 34185
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 697942365
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/wp-content/uploads//b2b/stock/v2/bigstock/Close-up-of-a-man-using-mobile-53439139.jpg?w=316&h=316&a=t
216.152.143.240 200 OK 23 kB URL HTTP/1.1 gnhomefinish.com/wp-content/uploads//b2b/stock/v2/bigstock/Close-up-of-a-man-using-mobile-53439139.jpg?w=316&h=316&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 316x316, components 3\012- data
Hash 1d0f2b3b41a97254820da8dadfbf0c15
089675947ac1c33fee84c6614e5f1e9d44a46f2a
a870a84fdaaa1b18426c10905e8a3828752fa80c169cb2848421815687538eae
GET /wp-content/uploads//b2b/stock/v2/bigstock/Close-up-of-a-man-using-mobile-53439139.jpg?w=316&h=316&a=t HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 22885
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 697970415
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/wp-content/uploads//b2b/stock/v2/bigstock/paintbrush-and-colorful-paint-18229064.jpg
216.152.143.240 200 OK 565 kB URL HTTP/1.1 gnhomefinish.com/wp-content/uploads//b2b/stock/v2/bigstock/paintbrush-and-colorful-paint-18229064.jpg
IP 216.152.143.240:0
File type gzip compressed data, max compression\012- data
Size 565 kB (565164 bytes)
Hash 272962be942dae4a28b32d7c0aedb571
cc6ae0b36a67f85a6482f90948426e6c68a40d93
ab0a3dabe6ead5bf0a5fbe369e36bc33967b55a0ac6d4f25b6c550389d5e1ad9
GET /wp-content/uploads//b2b/stock/v2/bigstock/paintbrush-and-colorful-paint-18229064.jpg HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 564386
Connection: keep-alive
Last-Modified: Sat, 02 Nov 2013 03:24:00 GMT
ETag: "89ca2-4ea2936c0b400"
Vary: Accept-Encoding
X-Varnish: 697925200
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/files/2022/04/wall-g107eeec99_1280.jpg?w=1440&h=810&a=t
216.152.143.240 200 OK 303 kB URL HTTP/1.1 gnhomefinish.com/files/2022/04/wall-g107eeec99_1280.jpg?w=1440&h=810&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1440x810, components 3\012- data
Size 303 kB (303138 bytes)
Hash da085aed87a5f2f9fd33e70bf0a74832
efcd4242da5c6838de52056251378dada778d2b3
c0bc3c034cb6f821f6b04cbbbd5f3db5d0d25cab987400ee2dfa911d690c6c96
GET /files/2022/04/wall-g107eeec99_1280.jpg?w=1440&h=810&a=t HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 303138
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 230688880
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnhomefinish.com/files/2021/12/gn7.jpg?w=1440&h=810&a=t
216.152.143.240 200 OK 299 kB URL HTTP/1.1 gnhomefinish.com/files/2021/12/gn7.jpg?w=1440&h=810&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1440x810, components 3\012- data
Size 299 kB (298582 bytes)
Hash 695ebbc8fd96012e840aa2b97094bd66
365e9946f9694c2e14a095102198d516d5fafced
f9fd47653cafd87426d2e191ca3f09b010edd303c6ca43a771255ee78cbec687
GET /files/2021/12/gn7.jpg?w=1440&h=810&a=t HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:52 GMT
Content-Type: image/jpeg
Content-Length: 298582
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:52 GMT
Vary: Accept-Encoding
X-Varnish: 447234870
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ssl.google-analytics.com/ga.js
142.250.74.104 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sat, 05 Nov 2022 10:17:12 GMT
expires: Sat, 05 Nov 2022 12:17:12 GMT
cache-control: public, max-age=7200
age: 461
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=884063243&utmhn=gnhomefinish.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Interior%20Painting%20%26%20Pressure%20Washing%20%7C%20Naples%2C%20FL%20%7C%20G%26N%20Home%20Finish%20Inc&utmhid=957411321&utmr=-&utmp=%2F&utmht=1667643891803&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D198005241.2075049579.1667643892.1667643892.1667643892.1%3B%2B__utmz%3D198005241.1667643892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
142.250.74.104 200 OK 35 B URL HTTP/2 ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=884063243&utmhn=gnhomefinish.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Interior%20Painting%20%26%20Pressure%20Washing%20%7C%20Naples%2C%20FL%20%7C%20G%26N%20Home%20Finish%20Inc&utmhid=957411321&utmr=-&utmp=%2F&utmht=1667643891803&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D198005241.2075049579.1667643892.1667643892.1667643892.1%3B%2B__utmz%3D198005241.1667643892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=884063243&utmhn=gnhomefinish.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Interior%20Painting%20%26%20Pressure%20Washing%20%7C%20Naples%2C%20FL%20%7C%20G%26N%20Home%20Finish%20Inc&utmhid=957411321&utmr=-&utmp=%2F&utmht=1667643891803&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D198005241.2075049579.1667643892.1667643892.1667643892.1%3B%2B__utmz%3D198005241.1667643892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Fri, 04 Nov 2022 20:12:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51147
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 10:24:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1149611032&utmhn=gnhomefinish.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Interior%20Painting%20%26%20Pressure%20Washing%20%7C%20Naples%2C%20FL%20%7C%20G%26N%20Home%20Finish%20Inc&utmhid=957411321&utmr=-&utmp=%2F&utmht=1667643891799&utmac=UA-149151885-69&utmdid=i9k95&utmcc=__utma%3D198005241.2075049579.1667643892.1667643892.1667643892.1%3B%2B__utmz%3D198005241.1667643892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1915747657&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
142.250.74.104 200 OK 35 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1149611032&utmhn=gnhomefinish.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Interior%20Painting%20%26%20Pressure%20Washing%20%7C%20Naples%2C%20FL%20%7C%20G%26N%20Home%20Finish%20Inc&utmhid=957411321&utmr=-&utmp=%2F&utmht=1667643891799&utmac=UA-149151885-69&utmdid=i9k95&utmcc=__utma%3D198005241.2075049579.1667643892.1667643892.1667643892.1%3B%2B__utmz%3D198005241.1667643892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1915747657&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1149611032&utmhn=gnhomefinish.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Interior%20Painting%20%26%20Pressure%20Washing%20%7C%20Naples%2C%20FL%20%7C%20G%26N%20Home%20Finish%20Inc&utmhid=957411321&utmr=-&utmp=%2F&utmht=1667643891799&utmac=UA-149151885-69&utmdid=i9k95&utmcc=__utma%3D198005241.2075049579.1667643892.1667643892.1667643892.1%3B%2B__utmz%3D198005241.1667643892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1915747657&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 05 Nov 2022 10:24:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnhomefinish.com/files/2021/12/GN-transparente-300x168_1.png?w=196&h=196&zc=0
216.152.143.240 200 OK 18 kB URL HTTP/1.1 gnhomefinish.com/files/2021/12/GN-transparente-300x168_1.png?w=196&h=196&zc=0
IP 216.152.143.240:0
File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash d090d04cb0e5aa34391f4438de3be3cc
4b774c9d4c504e899213c1f60322a0d7f2e70c80
1f302296fbdf8ca54d362553dbac8d93ef484708fc80d7ffaaa8969e15347900
GET /files/2021/12/GN-transparente-300x168_1.png?w=196&h=196&zc=0 HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:53 GMT
Content-Type: image/png
Content-Length: 18166
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 10:24:53 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Tue, 15 Nov 2022 10:24:53 GMT
Vary: Accept-Encoding
X-Varnish: 697942375
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
gnhomefinish.com/cms_websites/css/dist/assets/img/ajax-loader.gif
216.152.143.240 200 OK 4.2 kB URL HTTP/1.1 gnhomefinish.com/cms_websites/css/dist/assets/img/ajax-loader.gif
IP 216.152.143.240:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /cms_websites/css/dist/assets/img/ajax-loader.gif HTTP/1.1
Host: gnhomefinish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnhomefinish.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
Cookie: __utma=198005241.2075049579.1667643892.1667643892.1667643892.1; __utmb=198005241.2.10.1667643892; __utmc=198005241; __utmz=198005241.1667643892.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 10:24:53 GMT
Content-Type: image/gif
Content-Length: 4178
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:45 GMT
ETag: "1052-5e8acea373f07"
Vary: Accept-Encoding
X-Varnish: 697970434
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7c9c908e891e7277f21a914fea9aa25
596c3c084ae3d850a5dc28e549b4e22f2b8cc71f
709c217b3ac09712d2af4366316c8977b1a4e2a73f887b3e30f10df1ed50bacd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 7c179507-20a7-4fa3-993b-f79b3e7949ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiGHD_IAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0d-337623ce79dc53c864632c72;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM3hc6Jfl5pDWPikIlcQOexIScQavqJh9h-N-EvIGNpicWJwHMPKIA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 19:29:40 GMT
age: 53719
etag: "596c3c084ae3d850a5dc28e549b4e22f2b8cc71f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2