stjohnsatlanta.org/
301 Moved Permanently 238 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5f3f850f3678e175a832ba8e1beb5be6
1ab6167d958d9f1b372ffd0a045e88c52e79ee15
0a54f387232605c645b6f33525bd29a7ea3c069d0894b9c9598ce1eb8040b423
GET / HTTP/1.1
Host: stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Dec 2022 15:06:54 GMT
Server: Apache
Location: http://www.stjohnsatlanta.org/
Content-Length: 238
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13413
Expires: Tue, 13 Dec 2022 18:50:27 GMT
Date: Tue, 13 Dec 2022 15:06:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4570
Expires: Tue, 13 Dec 2022 16:23:04 GMT
Date: Tue, 13 Dec 2022 15:06:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 14:33:45 GMT
content-type: application/json
age: 1989
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10899
Expires: Tue, 13 Dec 2022 18:08:33 GMT
Date: Tue, 13 Dec 2022 15:06:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LxHpdtJsPXAQYNbUtsmfqWackVHqIccblQ5Xyy5olnTA8yzD7DSxTKaRDa6yLiURfE91f6FISt8=
x-amz-request-id: V38TJG4VRRH7VNHE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 14:50:06 GMT
age: 1008
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 15:06:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 14:33:17 GMT
age: 2018
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.stjohnsatlanta.org/
200 OK 11 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3158), with CRLF, LF line terminators
Hash 0308152f639ff267dc24679273a16f84
475235c6229bcc0a79c04b808b80cabc14f443ef
60a2edec1e3c46906c2f169c1cad651d2cc2dd2ebd26b944bcd471f9ae740b64
GET / HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:55 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.stjohnsatlanta.org
language=en; expires=Tue, 27-Dec-2022 15:06:55 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"31dbd009f1cca9ea6d816fb057f8e9b1-gzip"
Content-Encoding: gzip
X-Host: grn40.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11417
Keep-Alive: timeout=10, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/old/fancybox.css?1670599780
200 OK 1.2 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/fancybox.css?1670599780
IP
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1218
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 14:38:36 GMT
ETag: "6393486c-f47"
Expires: Fri, 23 Dec 2022 15:37:34 GMT
Cache-Control: max-age=1209600
X-Host: grn87.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343761
X-Served-By: cache-sjc10024-SJC, cache-bma1640-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 27
X-Timer: S1670944015.381376,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/old/slideshow/slideshow.css?1670599780
200 OK 1.5 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/slideshow/slideshow.css?1670599780
IP
File type ASCII text, with very long lines (7352)
Hash ba9bbd4df86b5b255f5ef44658e52130
3970cecb6939475f95556c2d32d17de0d1645f32
244b7b062e6e558009c622e46008d5542604b9163315220199a2ac50868ff3e5
GET /css/old/slideshow/slideshow.css?1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1488
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 14:38:50 GMT
ETag: W/"6393487a-1cb9"
Expires: Fri, 23 Dec 2022 15:37:30 GMT
Cache-Control: max-age=1209600
X-Host: grn32.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343765
X-Served-By: cache-sjc10070-SJC, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 26, 2
X-Timer: S1670944015.388435,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/sites.css?buildTime=1670599780
200 OK 30 kB URL HTTP/1.1 cdn2.editmysite.com/css/sites.css?buildTime=1670599780
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29746
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 14:38:31 GMT
ETag: W/"63934867-347ac"
Expires: Fri, 23 Dec 2022 15:37:26 GMT
Cache-Control: max-age=1209600
X-Host: blu119.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343769
X-Served-By: cache-sjc10072-SJC, cache-bma1669-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 11, 399
X-Timer: S1670944015.377846,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Playfair_Display/font.css?2
200 OK 332 B URL HTTP/1.1 cdn2.editmysite.com/fonts/Playfair_Display/font.css?2
IP
Hash d19ce27855300b97a4501c36fb6e1e0a
e7fd66d174d796dbe52e4fb2f22db19b575e5702
f75c76daf4f88f3977cd0f6cff4ad2897497d71349cbf3c8e1e610d4bbcdab0d
GET /fonts/Playfair_Display/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 332
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 01 Dec 2022 15:08:26 GMT
ETag: "6388c36a-6da"
Expires: Thu, 15 Dec 2022 18:07:15 GMT
Cache-Control: max-age=1209600
X-Host: grn78.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 1025979
X-Served-By: cache-sjc10078-SJC, cache-bma1640-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 27, 2
X-Timer: S1670944015.398293,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Open_Sans/font.css?2
200 OK 367 B URL HTTP/2 cdn2.editmysite.com/fonts/Open_Sans/font.css?2
IP
Hash 52e94ffb1c814650bab35433c3034ac7
b42d636ac9b71805f751612208ddb34e93a6538d
fe0f821828a4b146e9b0aba7f9a4956a0caa14a2ac72541ced5ee1d2ed376462
GET /fonts/Open_Sans/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 01 Dec 2022 15:08:26 GMT
etag: "6388c36a-a2a"
expires: Mon, 19 Dec 2022 12:08:38 GMT
cache-control: max-age=1209600
x-host: grn110.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:55 GMT
age: 701896
x-served-by: cache-sjc10081-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 637, 153
x-timer: S1670944015.408072,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 367
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/site_membership.css?buildTime=1670599780
200 OK 11 kB URL HTTP/1.1 cdn2.editmysite.com/css/site_membership.css?buildTime=1670599780
IP
File type Unicode text, UTF-8 text, with very long lines (65460), with no line terminators
Hash 2c6df0e79227a7b5092ea87ec3e02e26
fbffc930ad527fdc1fa712bd4986d98ed29467bb
b948bc1c5c741e8d4ba78a9334e5be9d1d503492b4e6c2ea2c8dc23470104373
GET /css/site_membership.css?buildTime=1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 10785
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 14:38:30 GMT
ETag: W/"63934866-12199"
Expires: Fri, 23 Dec 2022 15:37:26 GMT
Cache-Control: max-age=1209600
X-Host: grn47.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343770
X-Served-By: cache-sjc10078-SJC, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 69, 1
X-Timer: S1670944015.407022,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1670599780&
200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1670599780&
IP
File type ASCII text, with very long lines (65024)
Hash 58a9c1c02a5743ff2107715d041d28b7
619d9394e8b3afce9f9cc066b924ddb5d3265265
98b8090e2292b69bb8ad0ef4082f55458b891130ee6b3d9c6fce5075eec64dbf
GET /js/lang/en/stl.js?buildTime=1670599780& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 32800
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 09 Dec 2022 14:37:27 GMT
ETag: "63934827-2c22a"
Expires: Fri, 23 Dec 2022 15:37:26 GMT
Cache-Control: max-age=1209600
X-Host: grn135.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343769
X-Served-By: cache-sjc10066-SJC, cache-bma1669-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 53, 247
X-Timer: S1670944015.411387,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/jquery-1.8.3.min.js
200 OK 34 kB URL HTTP/2 cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP
File type ASCII text, with very long lines (65483)
Hash 67a5a77f65f13559b3d723829f2e0108
5e861ec7c2993abffc3591d6132c47bc7cdc3e98
ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 20:15:51 GMT
etag: "63866877-16dc4"
expires: Tue, 13 Dec 2022 23:08:14 GMT
cache-control: max-age=1209600
x-host: grn99.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:55 GMT
age: 1180721
x-served-by: cache-sjc10032-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 84, 7008
x-timer: S1670944015.422999,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-membership-site.js?buildTime=1670599780
200 OK 27 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main-membership-site.js?buildTime=1670599780
IP
File type ASCII text, with very long lines (32007)
Hash bfef4e8e43513f50fec5f5089fecb596
d5d4682830e6b4e411808f3858d00327c4f3f289
5e25e899214cefcbab913246dcaef601475e142ac7d3ffc785f44b991f543fce
GET /js/site/main-membership-site.js?buildTime=1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 27201
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 09 Dec 2022 14:38:55 GMT
ETag: "6393487f-19348"
Expires: Fri, 23 Dec 2022 15:37:27 GMT
Cache-Control: max-age=1209600
X-Host: grn50.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343767
X-Served-By: cache-sjc10077-SJC, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 46, 1
X-Timer: S1670944015.423905,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1670599780
200 OK 13 kB URL HTTP/1.1 cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1670599780
IP
File type ASCII text, with very long lines (32013)
Hash da04d4da36c827437eb064334cf40561
b54b259c2dce4a00e265deddf2ee0941dda6ed40
0064ed54b2f6244cda5252037026ceb744b58067811265aa1a10c3f7cd937b3a
GET /js/old/slideshow-jq.js?buildTime=1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 13265
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 09 Dec 2022 14:38:55 GMT
ETag: "6393487f-9e0b"
Expires: Fri, 23 Dec 2022 15:37:30 GMT
Cache-Control: max-age=1209600
X-Host: blu77.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343764
X-Served-By: cache-sjc10027-SJC, cache-bma1669-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 31, 3
X-Timer: S1670944015.452976,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Arvo/font.css?2
200 OK 325 B URL HTTP/1.1 cdn2.editmysite.com/fonts/Arvo/font.css?2
IP
Hash 83a7cdb9d22861ab84e2f0a53aff32df
0eba35566f37962a5b4b6d114bda54c7e5eaf3ce
5312367edd8e82bac34fe3b0a39edc98a638c4ec0c6f5d12933728a50a6ecfc3
GET /fonts/Arvo/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 325
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 01 Dec 2022 15:08:25 GMT
ETag: "6388c369-6aa"
Expires: Fri, 16 Dec 2022 20:30:08 GMT
Cache-Control: max-age=1209600
X-Host: grn68.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 931007
X-Served-By: cache-sjc10037-SJC, cache-bma1681-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 30, 1
X-Timer: S1670944015.381837,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/site/main.js?buildTime=1670599780
200 OK 0 B URL HTTP/1.1 cdn2.editmysite.com/js/site/main.js?buildTime=1670599780
IP
GET /js/site/main.js?buildTime=1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 146400
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 09 Dec 2022 14:38:55 GMT
ETag: "6393487f-74804"
Expires: Fri, 23 Dec 2022 15:37:26 GMT
Cache-Control: max-age=1209600
X-Host: grn42.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343769
X-Served-By: cache-sjc10066-SJC, cache-bma1640-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 22, 1
X-Timer: S1670944015.421131,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.digicert.com/
200 OK 471 B IP
Hash de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 255
Cache-Control: max-age=151452
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:55 GMT
Etag: "639840ac-1d7"
Expires: Thu, 15 Dec 2022 09:11:07 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
Hash 7d940440f923c838887a6fa8641ec34d
791af7b7d555cb6a0730f336771917821247f841
40d0997cfe13ae92532ab525479121036ad40981a5665ac8ed98c5777127b5cc
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "71CCE403BCFF26C7AE03E8066AF01C2DD7035C48"
Expires: Wed, 14 Dec 2022 02:00:00 GMT
Last-Modified: Tue, 13 Dec 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 946
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 778f9b40e92d1c16-OSL
www.stjohnsatlanta.org/files/main_style.css?1670611068
200 OK 2.5 kB URL HTTP/1.1 www.stjohnsatlanta.org/files/main_style.css?1670611068
IP
File type ASCII text, with very long lines (347)
Hash 9d0aec153ce7392db8b6611043939147
fd0c3990c4bf522bb5479bb84b1d98dc38477ea1
8c7d4bfb9e440bae87f2460f14836399be22d0a522ad5e95496a72d564bdbdf8
GET /files/main_style.css?1670611068 HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu61.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1670599780
200 OK 159 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1670599780
IP
File type ASCII text, with very long lines (32007)
Size 159 kB (158973 bytes)
Hash 89fb93f3b911a60f91bc7f4063777a8f
fed88e48664b4e6b90df231038a205abc11d30b1
966b66e4bf0e1aaac8947bc61bd432e5c194936ddebed90fabefb88286db8a12
GET /js/site/main-customer-accounts-site.js?buildTime=1670599780 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 158973
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 09 Dec 2022 14:38:55 GMT
ETag: "6393487f-82588"
Expires: Fri, 23 Dec 2022 15:37:26 GMT
Cache-Control: max-age=1209600
X-Host: grn135.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 343769
X-Served-By: cache-sjc10069-SJC, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 19, 1
X-Timer: S1670944015.464246,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.stjohnsatlanta.org/files/templateArtifacts.js?1670611068
200 OK 3.2 kB URL HTTP/1.1 www.stjohnsatlanta.org/files/templateArtifacts.js?1670611068
IP
File type HTML document, ASCII text, with very long lines (2943)
Hash 42d7de4855289978ab87af4c84606fab
ea27ac7eee05428080b9fad15ebe0db1024b9b58
a2a58642519c93a10f937d8a84549395361d8db1239be8bbd67532c57fe28aa9
GET /files/templateArtifacts.js?1670611068 HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu68.sf2p.intern.weebly.net
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v2OjYyTYzwapN5B5EFatSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IswAjYywOpJeV1pRBH/SKzjJRoE=
cdn.popcash.net/show.js
200 OK 36 kB IP
File type ASCII text, with very long lines (65387)
Hash 7b2b067b5fc3400a59c7cb6db214b1f1
ea3773766eb740dfa0214d0794982ed5d7781c35
6f11855d690e159cc8b68eff6a579eb47a3568cc4df0e5460100ae2eea25238a
GET /show.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Last-Modified: Wed, 02 Nov 2022 15:55:59 GMT
Accept-Ranges: bytes
ETag: W/"6362930f-1b189"
Cache-Control: max-age=2592000, public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABtvA0jKD%2B2z3ym8TdVeeGXEG5W0bRseM23eDbneCFZg5LNpaLJfiOxMl9TLVZztLfweKAwyZIbewmhu%2FCecoZs8M9dUs8oghx1hlkp8fb9hW90%2B7TdDMvNpKCkK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7723563a9ef7b837-AMS
Vary: Accept-Encoding
X-HW: 1670944015.cds256.sk1.h2,1670944015.cds024.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 35574
cdn2.editmysite.com/fonts/Arvo/regular.woff2
200 OK 17 kB URL HTTP/1.1 cdn2.editmysite.com/fonts/Arvo/regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17300, version 1.0\012- data
Hash 2bb7eeed159db804f2e7a9ca64871661
d4aa569d336599b0c8a61ddbc2f5151627d0dbe1
6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415
GET /fonts/Arvo/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://cdn2.editmysite.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17300
Server: nginx
Content-Type: font/woff2
Last-Modified: Thu, 01 Dec 2022 15:08:25 GMT
ETag: "6388c369-4394"
Expires: Tue, 20 Dec 2022 08:19:22 GMT
Cache-Control: max-age=1209600
X-Host: blu34.sf2p.intern.weebly.net
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:55 GMT
Age: 629254
X-Served-By: cache-sjc10053-SJC, cache-bma1673-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 58, 1
X-Timer: S1670944016.857678,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/published/elca-4c-full.png?1669575854
200 OK 8.6 kB URL HTTP/1.1 www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/published/elca-4c-full.png?1669575854
IP
File type PNG image data, 156 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash f7300bb56d04e9d5f87958baba29e6ab
3c53eb977a2dfc83292b12e67e4c89d89e1c900d
cbca11e43edb818e3379e0b061e3de07dfec6c771bd8be2ac39bcc488b7012cd
GET /uploads/2/1/8/1/21816954/published/elca-4c-full.png?1669575854 HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: image/png
Content-Length: 8569
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 19:04:14 GMT
x-rgw-object-type: Normal
ETag: "f7300bb56d04e9d5f87958baba29e6ab"
x-amz-request-id: tx00000000000003b840e65-006383ba60-c699baa-sfo1
X-Storage-Bucket: zcbca
X-Storage-Object: cbca11e43edb818e3379e0b061e3de07dfec6c771bd8be2ac39bcc488b7012cd
X-Host: blu149.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
circuitingratitude.com/666eb07de8c220b90617a5a0bd58392c/invoke.js?1670486484
200 OK 9.3 kB URL HTTP/1.1 circuitingratitude.com/666eb07de8c220b90617a5a0bd58392c/invoke.js?1670486484
IP
File type Unicode text, UTF-8 text, with very long lines (25158), with no line terminators
Hash c39c49ca67416e4e0a490954c614fbd7
f40887c9beec60c0542ae0e677e0fb07f7a95124
6dbdbf1396d285e2f7ceda401909baada34aaf5e2335d966e8142cbcce4664b2
Analyzer Verdict Alert quad9 Sinkholed
GET /666eb07de8c220b90617a5a0bd58392c/invoke.js?1670486484 HTTP/1.1
Host: circuitingratitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fcc978b90a7e69056d6a5db504ec198c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
maps.google.com/maps?ie=UTF8&q=St.+John%27s+Lutheran+Church&fb=1&gl=us&hq=st+john%27s+lutheran+church&hnear=0x88f5045d6993098d:0x66fede2f990b630b,Atlanta,+GA&cid=0,0,12926365246070293213&t=m&ll=33.779005,-84.341011&spn=0.014268,0.025749&z=15&iwloc=A&output=embed
301 Moved Permanently 402 B URL HTTP/2 maps.google.com/maps?ie=UTF8&q=St.+John%27s+Lutheran+Church&fb=1&gl=us&hq=st+john%27s+lutheran+church&hnear=0x88f5045d6993098d:0x66fede2f990b630b,Atlanta,+GA&cid=0,0,12926365246070293213&t=m&ll=33.779005,-84.341011&spn=0.014268,0.025749&z=15&iwloc=A&output=embed
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 3fdde4d35c8dc95e6cbc8cb8a3e2dd08
4543573c51cc414ebc3c36174e32724c4a21bdb7
90dd140feae8ac23deaf077a8f106f9d525448332b9383b0454fe188b8ddc905
GET /maps?ie=UTF8&q=St.+John%27s+Lutheran+Church&fb=1&gl=us&hq=st+john%27s+lutheran+church&hnear=0x88f5045d6993098d:0x66fede2f990b630b,Atlanta,+GA&cid=0,0,12926365246070293213&t=m&ll=33.779005,-84.341011&spn=0.014268,0.025749&z=15&iwloc=A&output=embed HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 13 Dec 2022 15:06:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m15!1m8!1m3!1d13265.16016685833!2d-84.341011!3d33.779005!3m2!1i1024!2i768!4f13.1!3m3!1m2!2sSt.+John%27s+Lutheran+Church!4s12926365246070293213!5e0!6i15
content-type: text/html; charset=UTF-8
server: mafe
content-length: 402
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b9649509b14db5a889641078ccb05066
92c2224c6a970bf397d23a2fd37de759f74dd46c
6e7d750905e29196f6246744bb30b0ab0c5baa4a3909db5fabad7809b58aa825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
circuitingratitude.com/73/6f/42/736f429aa1eba40eba1a6ff216f02d37.js?1670486484
200 OK 13 kB URL HTTP/1.1 circuitingratitude.com/73/6f/42/736f429aa1eba40eba1a6ff216f02d37.js?1670486484
IP
File type ASCII text, with very long lines (37134), with no line terminators
Hash daab05304c47cc717a4eb5e4416895cd
7cde9d6565acc9f518ef4722be515bcd81313401
ebe3f0393b9ea730526913d88833c88012e0b39cfab529d3e7dfad5f647c708d
Analyzer Verdict Alert quad9 Sinkholed
GET /73/6f/42/736f429aa1eba40eba1a6ff216f02d37.js?1670486484 HTTP/1.1
Host: circuitingratitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea22d719ec24ffb38a317c4501d24dc7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
player.vimeo.com/video/431483438
200 OK 6.0 kB URL HTTP/1.1 player.vimeo.com/video/431483438
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19010), with no line terminators
Hash 9829776833e3fa3f69394426fa9b643a
7e2d26fb2e6eb0861d6568f52b4831605e6011db
613a6bc1fc932dee2143c0ba009713972d3f36859e914e9ed50c8bdd00ff1d1d
GET /video/431483438 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 13 Dec 2022 15:15:36 GMT
x-host: player-66dc468f68-tssxl
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-3
x-backend-proxy: playproxy4
x-bapp-server: player-66dc468f68-tssxl
Age: 0
X-Served-By: cache-cph2320059-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670944016.859498,VS0,VE135
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=WA7LWD9pXSoXXktSEZ36dP3vkZ496s_KdLkSbnpf1M4-1670944016-0-Ae4aJFkmGtt7yuSabrCS2kVyDkb2bFkg/yIH20SwMJz7pGnNaYxJi55nUKay806DqnsXjmrf4MjgzAuObxYb4iI=; path=/; expires=Tue, 13-Dec-22 15:36:56 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 778f9b430f90b523-OSL
Content-Encoding: gzip
www.stjohnsatlanta.org/files/theme/social-dark.png?1670611068
200 OK 6.5 kB URL HTTP/1.1 www.stjohnsatlanta.org/files/theme/social-dark.png?1670611068
IP
File type PNG image data, 253 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 2db5898ddd56668bdfe84e1ac265fa76
c32e62df8ee92986c5449abbdb6fdb85b9278e74
72ebc2c9de0b4d9bf6086215e8a328ac6fd8e832fd4f572f01d733ddbff52de4
GET /files/theme/social-dark.png?1670611068 HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/files/main_style.css?1670611068
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: image/png; charset=binary
Content-Length: 6499
Connection: keep-alive
Last-Modified: Thu, 07 May 2020 12:33:55 GMT
x-rgw-object-type: Normal
ETag: "2db5898ddd56668bdfe84e1ac265fa76"
x-amz-request-id: tx000000000000001202863-0061a7651a-a9f6a62-sfo1
X-Storage-Bucket: z72eb
X-Storage-Object: 72ebc2c9de0b4d9bf6086215e8a328ac6fd8e832fd4f572f01d733ddbff52de4
X-Host: blu68.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/1380217307.png
200 OK 20 kB URL HTTP/1.1 www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/1380217307.png
IP
File type PNG image data, 756 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c5eb5b8329f0f92315f5bc3b168cae9
7b289639bd24628a5de3ee8bfe216f46e13a065d
8eca32741e81793e795f5a04c4545df414e0592cf1a5314620c89a83eff8c04c
GET /uploads/2/1/8/1/21816954/1380217307.png HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:55 GMT
Content-Type: image/png
Content-Length: 20303
Connection: keep-alive
Last-Modified: Tue, 05 Nov 2019 20:06:49 GMT
x-rgw-object-type: Normal
ETag: "6c5eb5b8329f0f92315f5bc3b168cae9"
x-amz-request-id: tx0000000000000458b1860-00639646ac-c67eadd-sfo1
X-Storage-Bucket: z8eca
X-Storage-Object: 8eca32741e81793e795f5a04c4545df414e0592cf1a5314620c89a83eff8c04c
X-Host: blu146.sf2p.intern.weebly.net
Accept-Ranges: bytes
cdn2.editmysite.com/js/wsnbn/snowday262.js
200 OK 26 kB URL HTTP/1.1 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25752
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 20:12:37 GMT
ETag: "6390f3b5-124fe"
Expires: Thu, 22 Dec 2022 08:38:41 GMT
Cache-Control: max-age=1209600
X-Host: grn97.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:56 GMT
Age: 455294
X-Served-By: cache-sjc10061-SJC, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 9, 4368
X-Timer: S1670944016.093073,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.google.com/recaptcha/api.js?_=1670944013972
200 OK 550 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1670944013972
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash 11c9486263c94b42961f4637ea6f5aa7
794311a15a4ee93e5aae80238e9e78669779c14b
60fc2ef436314dafe3ac532c1b2421764adfea6f5357ad329b816ffb5bb23a37
GET /recaptcha/api.js?_=1670944013972 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 13 Dec 2022 15:06:56 GMT
date: Tue, 13 Dec 2022 15:06:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 550
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/old/slideshow/header_slideshow_sprites.png
200 OK 5.0 kB URL HTTP/1.1 cdn2.editmysite.com/images/old/slideshow/header_slideshow_sprites.png
IP
File type PNG image data, 160 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash aa6d5cfa876435350abf2d0e2ec00af8
4bac5772e8a47c2792cd3bf1eb74ac52eb4f1ad4
5c01cc377ba01abc9af884e5c4f4d5946eaf38a69b25dce4181a7cd0ad31d70d
GET /images/old/slideshow/header_slideshow_sprites.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1670599780
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 5023
X-GUploader-UploadID: ADPycdsyD30GPOfS1lqPVQvbnGLPWuuZ_lobCQXvZllzLazEtZMyEwl8RL49h2ONWMDAk4Wu2VDCDTEdxEbN01WEUyoUmA
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Fri, 14 Oct 2022 01:39:30 GMT
Last-Modified: Thu, 25 May 2017 18:53:08 GMT
ETag: "aa6d5cfa876435350abf2d0e2ec00af8"
x-goog-generation: 1495738388331322
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5023
Content-Type: image/png
x-goog-hash: crc32c=A5O6jw==, md5=qm1c+odkNTUKvy0OLsAK+A==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:56 GMT
Via: 1.1 varnish
Age: 32797
X-Served-By: cache-bma1676-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1670944016.143821,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/images/old/loading.gif
200 OK 3.0 kB URL HTTP/1.1 cdn2.editmysite.com/images/old/loading.gif
IP
File type GIF image data, version 89a, 30 x 30\012- data
Hash 0b0212ec4e07451700c88a335ebba854
e62e40bbd31145dc64c0a555991a5dc5696d1943
37f5bf015ade9651005d72bcfdbb48838014c1c357f848585df731bc7eaff120
GET /images/old/loading.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1670599780
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2964
X-GUploader-UploadID: ADPycducMdWWPXXJMiNEYpt6yoeOvosCD6SmTTxRFSW9bghqzZJxsoV6UapBMYHrhV8AVkS_PAytcl1uIushc6lvZ8Xmbg
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Fri, 11 Nov 2022 01:42:41 GMT
Last-Modified: Thu, 25 May 2017 18:45:50 GMT
ETag: "0b0212ec4e07451700c88a335ebba854"
x-goog-generation: 1495737950396999
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2964
Content-Type: image/gif
x-goog-hash: crc32c=F+8alw==, md5=CwIS7E4HRRcAyIozXruoVA==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:56 GMT
Via: 1.1 varnish
Age: 220095
X-Served-By: cache-bma1640-BMA
X-Cache: HIT
X-Cache-Hits: 318
X-Timer: S1670944016.156595,VS0,VE0
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.stjohnsatlanta.org/files/theme/searchForm-bg.png?1670611068
200 OK 1.1 kB URL HTTP/1.1 www.stjohnsatlanta.org/files/theme/searchForm-bg.png?1670611068
IP
File type PNG image data, 206 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash a0533b4b543261d1f744bb7269b6dddb
313323c287f82f33951dea2becd6b739271d0a87
3a6052141785a3d0b6be6ea38240a2d416c41dee887b6e8dcfeea7022840bf9b
GET /files/theme/searchForm-bg.png?1670611068 HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/files/main_style.css?1670611068
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: image/png
Content-Length: 1077
Connection: keep-alive
Last-Modified: Fri, 09 Aug 2019 15:17:31 GMT
x-rgw-object-type: Normal
ETag: "a0533b4b543261d1f744bb7269b6dddb"
x-amz-request-id: tx0000000000000213344d7-0062f59e7f-c03521c-sfo1
X-Storage-Bucket: z3a60
X-Storage-Object: 3a6052141785a3d0b6be6ea38240a2d416c41dee887b6e8dcfeea7022840bf9b
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.stjohnsatlanta.org/files/theme/field.png?1670611068
200 OK 149 B URL HTTP/1.1 www.stjohnsatlanta.org/files/theme/field.png?1670611068
IP
File type PNG image data, 5 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash 75ca98a284650ab482c9256e5609e371
6325c898af731351d7aaf12124a720ac34349514
1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808
GET /files/theme/field.png?1670611068 HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/files/main_style.css?1670611068
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: image/png; charset=binary
Content-Length: 149
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 00:23:32 GMT
x-rgw-object-type: Normal
ETag: "75ca98a284650ab482c9256e5609e371"
x-amz-request-id: tx000000000000001b05a35-0062847d57-b9fbc77-sfo1
X-Storage-Bucket: z1f98
X-Storage-Object: 1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808
X-Host: blu81.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.stjohnsatlanta.org/files/theme/button.png?1670611068
200 OK 2.3 kB URL HTTP/1.1 www.stjohnsatlanta.org/files/theme/button.png?1670611068
IP
File type PNG image data, 400 x 209, 8-bit/color RGBA, non-interlaced\012- data
Hash 436be5534ee8f4f076e8ae5d07bc241a
d1ad66fdcad3a6891a955eb0f776ed980ae4d2d5
6a238a35c6caa95e6f9301f2416795653ab055eb816c9345b4f099bae32f76a5
GET /files/theme/button.png?1670611068 HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/files/main_style.css?1670611068
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: image/png
Content-Length: 2304
Connection: keep-alive
Last-Modified: Fri, 09 Aug 2019 15:17:34 GMT
x-rgw-object-type: Normal
ETag: "436be5534ee8f4f076e8ae5d07bc241a"
x-amz-request-id: tx00000000000001cd151f2-00634fd354-c699baa-sfo1
X-Storage-Bucket: z6a23
X-Storage-Object: 6a238a35c6caa95e6f9301f2416795653ab055eb816c9345b4f099bae32f76a5
X-Host: blu84.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.google.com/maps/embed?origin=mfe&pb=!1m15!1m8!1m3!1d13265.16016685833!2d-84.341011!3d33.779005!3m2!1i1024!2i768!4f13.1!3m3!1m2!2sSt.+John%27s+Lutheran+Church!4s12926365246070293213!5e0!6i15
200 OK 1.5 kB URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m15!1m8!1m3!1d13265.16016685833!2d-84.341011!3d33.779005!3m2!1i1024!2i768!4f13.1!3m3!1m2!2sSt.+John%27s+Lutheran+Church!4s12926365246070293213!5e0!6i15
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2730)
Hash 974e0d4e79e94bb823cbb4d4c7ef6366
15d6223b5f6ecb97be060857cc9122fed2e57d5e
3ba3299e1edcbc70c94c4ccb7028b9d51ea62f603b20d82b94d95baac6d67b43
GET /maps/embed?origin=mfe&pb=!1m15!1m8!1m3!1d13265.16016685833!2d-84.341011!3d33.779005!3m2!1i1024!2i768!4f13.1!3m3!1m2!2sSt.+John%27s+Lutheran+Church!4s12926365246070293213!5e0!6i15 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.stjohnsatlanta.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 15:06:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-BBvyGQrAY52HjqjhJljt3A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1481
x-xss-protection: 0
server-timing: gfet4t7; dur=187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
player.vimeo.com/video/439797353?title=0&byline=0&portrait=0
200 OK 6.3 kB URL HTTP/1.1 player.vimeo.com/video/439797353?title=0&byline=0&portrait=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20102), with no line terminators
Hash ea70c8ef485a0ca4c7b21dddf9c2ab04
81e40f7dd4ca0dce431b8b1ef4cbd6fed3f024ad
a0056259f66c54b9b0f7890e54c33e7d6de421def25c8e96d52f4f671993846b
GET /video/439797353?title=0&byline=0&portrait=0 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 13 Dec 2022 15:16:56 GMT
x-host: player-66dc468f68-lcgzn
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-test-varnish-0
x-backend-proxy: playproxy31
x-bapp-server: player-66dc468f68-lcgzn
Age: 0
X-Served-By: cache-cph2320024-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670944016.856351,VS0,VE336
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=Z3PfcexhhqO_y_u4vF_T7B17gKR20IM3th.mCeJXAK8-1670944016-0-AYwfEvnOnbsSeRnYv/AvuW1lwStYrp1nZFAKtFbTnORnbVlaBaX6Q6nx0KgSBeqxajkx6oXIagURqbWQL70iZAQ=; path=/; expires=Tue, 13-Dec-22 15:36:56 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 778f9b4309eab4f9-OSL
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 801b52658938119bb773ea1d481b7169
27ed326f27fb206bc72eab314b30d5d7278287b4
18d23851bc0a71f081554f04b8efd395cad0dbc5c1cd19a11add68b9a6991777
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171857
Date: Tue, 13 Dec 2022 15:06:56 GMT
Etag: "63987e9d-1d7"
Expires: Thu, 15 Dec 2022 14:51:13 GMT
Last-Modified: Tue, 13 Dec 2022 13:31:09 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jOVzRXKv83hfQCL1gucgZhUC0dcVuS-vl1A26URPZloYtP29ANKLEw==
Age: 4804
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 2957a2fa452106e9c7ff4ae4c1e2b516
30a76778a89385ebe83e5b5790b1c29d8575fa89
75d02530f9a0d80e4102d01201aebdb5d250d9296fa90790486e6bb8394ba5f2
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.stjohnsatlanta.org
access-control-allow-credentials: true
set-cookie: uid_id2=88ee0864-92ac-458c-895c-7d345be20aed:3:1; expires=Fri, 10 Dec 2032 15:06:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.4/css/player.css
200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.15.4/css/player.css
IP
File type ASCII text, with very long lines (65495)
Hash b5e8483e86ed2be8517cc067ddf6cbfa
c2f3fa0771a464193bcb343e36eace61c4dae5f6
2293baa4547b8c3ea2d2bc74ebad4097c6bbf6be19278b5f70b2ddd6a51c99c8
GET /p/4.15.4/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 64570
x-served-by: cache-iad-kcgs7200143-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 15492
x-timer: S1670944016.254801,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 21263
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash cb1c7fb67b2b16622526b64e96dc5ba7
4fdf088de7b591e7dcf46b86a44defb3432cd786
94660fd13ead462adf2d39b830ae41fc429f407dbb2ac0d68311d77abd9261ed
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.stjohnsatlanta.org
access-control-allow-credentials: true
set-cookie: uid_id2=7f451870-86de-4222-8b43-8e3bf4543426:3:1; expires=Fri, 10 Dec 2032 15:06:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP
File type ASCII text, with very long lines (2469)
Hash 633fb21790678f0d0852eb13d05cc128
dcbcd08dd9cc3c3a92d9748518ae1711a4f674d7
2abc553034f8ecc48ccb6a73c0f44db96f6a67cea2f5327e8e6498b06eeadae7
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56721
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=15
date: Tue, 13 Dec 2022 15:05:47 GMT
expires: Tue, 13 Dec 2022 15:35:47 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.4/js/player.module.js
200 OK 117 kB URL HTTP/2 f.vimeocdn.com/p/4.15.4/js/player.module.js
IP
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 117 kB (116722 bytes)
Hash 2260b023e9f3c2d4f6c3f61fb64c54b8
8f524a6293a6a91dafd7fddfa1e52a3271d43fa0
e60c8ca8ec1431acf0995bb70c36fbf79518ac79d73780591558ef53f1781365
GET /p/4.15.4/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 64570
x-served-by: cache-iad-kcgs7200109-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 11544
x-timer: S1670944016.285153,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 86672b105a690b48933c711e3ea7cb58
2810b44cdebd6b548bf03faa31acd077797c5ae8
b48abbd4b82f7ac863464f899c6c3f161ba55427b6d1a91f43956b0748e641c5
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sat, 17 Dec 2022 13:58:22 GMT
ETag: "2810b44cdebd6b548bf03faa31acd077797c5ae8"
Last-Modified: Tue, 13 Dec 2022 13:58:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 13 Dec 2022 15:06:56 GMT
Age: 335
X-Served-By: cache-qpg1266-QPG, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1670944016.175710,VS0,VE185
friendshipmale.com/sfp.js
200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: b015b250a2ebe861cd011f87e9ffc83d
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 13 Dec 2022 15:06:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2qZq4RlVam8cIGD0c9EXfnEEcpDBRtcJGpE4a4%2B11I1pUDGI1MqGxfu9q3HKIUW7w2v4LOOSEoItsKxAkD7xYHMHOU08Bk21PeAZK1INoIZJh2Vr%2Fnj48C2rAM%2BAxnKNKvkvSw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 778f9b4458de76d8-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
i.vimeocdn.com/video/912765004-58db1da0980fdb65d0e0dee5a548ce17dcecbdb72c7182d0bf1d00ceeaa6c796-d.jpg?mw=80&q=85
200 OK 1.9 kB URL HTTP/2 i.vimeocdn.com/video/912765004-58db1da0980fdb65d0e0dee5a548ce17dcecbdb72c7182d0bf1d00ceeaa6c796-d.jpg?mw=80&q=85
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash bf6ca2bccc2b080da62b8e8d26b411a4
be1ed911e4b538540ea393d716c9e57bc0ce5348
bb99fd9f06fc7d64964d411d37dd5a8c955ef7888f967eae065b3b212f6dacf0
GET /video/912765004-58db1da0980fdb65d0e0dee5a548ce17dcecbdb72c7182d0bf1d00ceeaa6c796-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: bf6ca2bccc2b080da62b8e8d26b411a4
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-m2v9
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 334382
x-served-by: cache-dfw-kdfw8210025-DFW, cache-bma1622-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 21, 0
x-timer: S1670944016.269130,VS0,VE135
content-length: 1878
X-Firefox-Spdy: h2
i.vimeocdn.com/video/926828490-0e76fc3256976def6e4cc401f6d703797eef76af1043bf4ab6a20699a6856742-d.jpg?mw=80&q=85
200 OK 1.3 kB URL HTTP/2 i.vimeocdn.com/video/926828490-0e76fc3256976def6e4cc401f6d703797eef76af1043bf4ab6a20699a6856742-d.jpg?mw=80&q=85
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 4f0031a475d43cb5b60cd594559e5ef7
31cbef1f523fbcaf35b45d9cef137f87e25645ce
63403618d0b35de8ece24a884c5b4ea6da92e9a62bef13c7fa3abdb1f6e778c5
GET /video/926828490-0e76fc3256976def6e4cc401f6d703797eef76af1043bf4ab6a20699a6856742-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: 4f0031a475d43cb5b60cd594559e5ef7
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-gz5x
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 254626
x-served-by: cache-dfw-kdfw8210121-DFW, cache-bma1622-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 19, 0
x-timer: S1670944016.300152,VS0,VE120
content-length: 1284
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6668df18d0e067cb9d2cdb88facba6a9
8dca458501ed32e2b530d729817e0a12910145ec
8fa090fc36252b04f278f812a6b4f286dc672bbfb6db1402ac814f4f9723f5fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/p/4.15.4/js/vendor.module.js
200 OK 113 kB URL HTTP/2 f.vimeocdn.com/p/4.15.4/js/vendor.module.js
IP
File type ASCII text, with very long lines (65457)
Size 113 kB (112763 bytes)
Hash a47137fa94d4be65397921c6e8367081
aaf1ccc08cb0d682212dc5e871844ec2bd90887e
2cab313ce46b39090994156443d7d6aab58bdec340455fbca1d2fa1bbdd5c5b4
GET /p/4.15.4/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 64570
x-served-by: cache-iad-kcgs7200102-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 14468
x-timer: S1670944016.450211,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 112763
X-Firefox-Spdy: h2
dcba.popcash.net/znWaa3gu
204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 13 Dec 2022 15:06:56 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.stjohnsatlanta.org/
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.stjohnsatlanta.org
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 600
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP
File type ASCII text, with very long lines (1839)
Hash b81408535edef4b73951fa7683a0ecb4
2be1041a686c8d5130ce96600bc7ec68538b4cd9
7b68a0f94a2376708329d7fabc0000c92eb45755267bde5dc8983184b77f3ec7
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 2152178
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 168938
x-timer: S1670944017.605493,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/published/blm-banner-2.jpg
200 OK 114 kB URL HTTP/1.1 www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/published/blm-banner-2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1156x312, components 3\012- data
Size 114 kB (113948 bytes)
Hash 88d658ba0d172bd92d726685cf6f3744
31b4835f90073002d029c333ba5b646976dfe9c4
371531f57a27f60e93864f735df76ec7dd21b428187440c6a04e382638e12ffa
GET /uploads/2/1/8/1/21816954/published/blm-banner-2.jpg HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: image/jpeg
Content-Length: 113948
Connection: keep-alive
Last-Modified: Sun, 21 Jun 2020 18:00:35 GMT
x-rgw-object-type: Normal
ETag: "88d658ba0d172bd92d726685cf6f3744"
x-amz-request-id: tx0000000000000421b507f-00638ea633-c699baa-sfo1
X-Storage-Bucket: z3715
X-Storage-Object: 371531f57a27f60e93864f735df76ec7dd21b428187440c6a04e382638e12ffa
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 927e0e3b39c043c146e3c4670721053c
4b3ba1fcb792019555ce2863449b12e06ca84fc2
7695e2133e8daf2bbadfd3acc4c48be19a79573db7254ff1acdcd027eaa0843f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7695E2133E8DAF2BBADFD3ACC4C48BE19A79573DB7254FF1ACDCD027EAA0843F"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12086
Expires: Tue, 13 Dec 2022 18:28:22 GMT
Date: Tue, 13 Dec 2022 15:06:56 GMT
Connection: keep-alive
i.vimeocdn.com/video/926828490-0e76fc3256976def6e4cc401f6d703797eef76af1043bf4ab6a20699a6856742-d?mw=400&mh=222
200 OK 5.6 kB URL HTTP/2 i.vimeocdn.com/video/926828490-0e76fc3256976def6e4cc401f6d703797eef76af1043bf4ab6a20699a6856742-d?mw=400&mh=222
IP
File type ISO Media, AVIF Image\012- data
Hash 1ac413978bee607c79c708f337da93aa
e99ccf3791ba34d43b0eb567114f44a10c024478
136a5e09468bf35ce0bbcbccd894093f07611aad5a3307d52290baa8716a32ae
GET /video/926828490-0e76fc3256976def6e4cc401f6d703797eef76af1043bf4ab6a20699a6856742-d?mw=400&mh=222 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 1ac413978bee607c79c708f337da93aa
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-8kvq
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 2415502
x-served-by: cache-dfw-kdfw8210027-DFW, cache-bma1622-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 37, 0
x-timer: S1670944017.614312,VS0,VE121
vary: Accept
content-length: 5629
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1775
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=eb2a4f77-a572-4ae7-abce-2ecb590c47af; Expires=Wed, 13 Dec 2023 15:06:56 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.stjohnsatlanta.org
Access-Control-Allow-Credentials: true
www.stjohnsatlanta.org/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
200 OK 348 B URL HTTP/1.1 www.stjohnsatlanta.org/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en; _snow_ses.24aa=*; _snow_id.24aa=cc9bfc67-8e9d-43ed-9c30-890dcdbe7d2e.1670944014.1.1670944014.1670944014.26fdb53f-fba5-4893-b37f-4cb8766a77dd
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:56 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu96.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=72
Connection: Keep-Alive
Content-Type: application/json
www.stjohnsatlanta.org/ajax/api/JsonRPC/Membership/?Membership[Member::get_session_details]
200 OK 296 B URL HTTP/1.1 www.stjohnsatlanta.org/ajax/api/JsonRPC/Membership/?Membership[Member::get_session_details]
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5bbf46c53c5923cc40980b585e03beb3
d684d3bc64c7840b79f7a01753cd122df0e7a311
6ec5e89489c67b1e38203b1ae5f68fc20d1225a6a180f27a31f8f70da439c45f
POST /ajax/api/JsonRPC/Membership/?Membership[Member::get_session_details] HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 75
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en; _snow_ses.24aa=*; _snow_id.24aa=cc9bfc67-8e9d-43ed-9c30-890dcdbe7d2e.1670944014.1.1670944014.1670944014.26fdb53f-fba5-4893-b37f-4cb8766a77dd
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:56 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: site_session=63989510cb1e82.02230432; path=/
language=en; expires=Tue, 27-Dec-2022 15:06:56 GMT; Max-Age=1209600; path=/
X-Host: blu139.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 296
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: application/json
simultaneouslyagreeingcontradiction.com/ntv.json?key=666eb07de8c220b90617a5a0bd58392c&vstc=4
200 OK 17 kB URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ntv.json?key=666eb07de8c220b90617a5a0bd58392c&vstc=4
IP
File type JSON data\012- , ASCII text, with very long lines (17228), with no line terminators
Hash fc0fad5de308ac2c324e4b3736b6f511
5ec81b8e7ebaa8460d2091b0377e5bf2c8a9575a
84e32ef02d233e0b05eb5ef72235402364dfe30da18ee084135b154acd3a85b4
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=666eb07de8c220b90617a5a0bd58392c&vstc=4 HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: application/json
Content-Length: 17228
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.stjohnsatlanta.org
Access-Control-Allow-Origin: http://www.stjohnsatlanta.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17950336; expires=Wed, 14 Dec 2022 15:06:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 14 Dec 2022 15:06:56 GMT; secure; SameSite=None
uncs=1; expires=Wed, 14 Dec 2022 15:06:56 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 14 Dec 2022 15:06:56 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 14 Dec 2022 15:06:56 GMT; secure; SameSite=None
nlec666eb07de8c220b90617a5a0bd58392c=[2019380,2229329,2229337,2229333]; expires=Tue, 13 Dec 2022 15:07:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60ecaa956737cd9e70bc13461c84c521
Strict-Transport-Security: max-age=0; includeSubdomains
i.vimeocdn.com/video/912765004-58db1da0980fdb65d0e0dee5a548ce17dcecbdb72c7182d0bf1d00ceeaa6c796-d?mw=400&mh=222
200 OK 14 kB URL HTTP/2 i.vimeocdn.com/video/912765004-58db1da0980fdb65d0e0dee5a548ce17dcecbdb72c7182d0bf1d00ceeaa6c796-d?mw=400&mh=222
IP
File type ISO Media, AVIF Image\012- data
Hash 67bc51311907563ebc5d337da41253e0
7cf78f6f51ab95af64255e0fd793c9e6854234d7
fef0ddf00b852e40d796b7ea47518642665e3083d6c4ec52146c5823937b9750
GET /video/912765004-58db1da0980fdb65d0e0dee5a548ce17dcecbdb72c7182d0bf1d00ceeaa6c796-d?mw=400&mh=222 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 67bc51311907563ebc5d337da41253e0
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-pskl
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:56 GMT
age: 1366825
x-served-by: cache-dfw-kdfw8210130-DFW, cache-bma1622-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 21, 0
x-timer: S1670944017.730838,VS0,VE242
vary: Accept
content-length: 14340
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5694
Expires: Tue, 13 Dec 2022 16:41:51 GMT
Date: Tue, 13 Dec 2022 15:06:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5694
Expires: Tue, 13 Dec 2022 16:41:51 GMT
Date: Tue, 13 Dec 2022 15:06:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5694
Expires: Tue, 13 Dec 2022 16:41:51 GMT
Date: Tue, 13 Dec 2022 15:06:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5694
Expires: Tue, 13 Dec 2022 16:41:51 GMT
Date: Tue, 13 Dec 2022 15:06:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5694
Expires: Tue, 13 Dec 2022 16:41:51 GMT
Date: Tue, 13 Dec 2022 15:06:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e88e06c-7fb5-447c-ab5f-a3075c4318c1.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e88e06c-7fb5-447c-ab5f-a3075c4318c1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a155e8441280437a2293c7838ee085c1
f70e9e62d07733784b37e050b163ee7fdc17ce99
8cfa8d89af71d36df36c480a5228d3822cc5b5a0c2d373997d30144b4a979618
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e88e06c-7fb5-447c-ab5f-a3075c4318c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4453
x-amzn-requestid: fe6af59f-8c78-40e6-bf15-2aeab0c1da0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6jXkEjZoAMFctw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639418fd-345602320306063952b95a35;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:28:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z07j2G00tK9aq33axqsJWvZ8EkyPtkvpZPmVhFfjYc2P6fKMKP05Rw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 11:47:55 GMT
age: 11942
etag: "f70e9e62d07733784b37e050b163ee7fdc17ce99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffebdc4d5-a724-47ca-a30a-bce3e96bbbe3.jpeg
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffebdc4d5-a724-47ca-a30a-bce3e96bbbe3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f6f26cc088c96e477fab6eb3bfac37b
7c2728ee396b9aa4d8c32300fb3695e04fcb9d6c
29f7be917aa2ada98958c1e5cc12073417573a46376b35334535587e09c37948
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffebdc4d5-a724-47ca-a30a-bce3e96bbbe3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3666
x-amzn-requestid: 9eb88928-c5fe-4a71-bc9b-a3aa9ffc2d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWgPE_CoAMFv7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979e01-6ed9af730d773de1607af63c;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JzqwfGNChytZ0rnnQTInbqSC4ffPe2Z6xmCFHszQfrWN_kF_De1qbw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:00:35 GMT
age: 61582
etag: "7c2728ee396b9aa4d8c32300fb3695e04fcb9d6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6788236cae1083aaf5a1cf95f1a6c9b
3825506ecfd360bf5352979023f445748373be3b
544d94a4896d3db29f3b6e518503f82776a3feaa55a5e9114b5572da1e667691
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9676
x-amzn-requestid: 6d84c903-9bdb-4255-8324-d87d99cd1979
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWgGHZZoAMFtwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979e00-7964e1ca60e88ca45822b963;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r4L6lushe7nGkttIzAH9dCCjcQ6oVWYMUpMyAubdHl-Rjbh4byzlaA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:53:49 GMT
age: 61988
etag: "3825506ecfd360bf5352979023f445748373be3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82729f01d4f9937407d14605a2b611f4
63ef739dbbcd1238da788c05909df21826d9f37b
4420ac61a207ef4d7899632123af2dd2c7421e6d16a494aea33383d37d603038
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5871
x-amzn-requestid: 0c5fa60d-81f3-4796-966d-cf91b6a28939
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWefGstIAMF-zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979df6-7234498f4094f61107741d1c;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f6d2A_b3AN_-g7QFNmtlMhjEitZ4fw9GX5w-xx1PxH-z_FdqjvabTQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:57:41 GMT
age: 61756
etag: "63ef739dbbcd1238da788c05909df21826d9f37b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eCJ1Y9f8WMsfMlaqxVR4kTx0Eacgeqn2TN-df-DPt9nQI9AIrqHkEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:16:33 GMT
age: 60624
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 03:58:00 GMT
age: 40137
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP
Hash 90dc7006a4d789ab0aeb6134faf547fd
6b2e29b820e09fbb8341b71eb3bc9954bf6bf52e
7a96bcc9af2b41214cbc810b41107d25447896a86b2a85dba438e0d57e9a7bd7
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP
Hash 90dc7006a4d789ab0aeb6134faf547fd
6b2e29b820e09fbb8341b71eb3bc9954bf6bf52e
7a96bcc9af2b41214cbc810b41107d25447896a86b2a85dba438e0d57e9a7bd7
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/published/257144852.png
200 OK 645 kB URL HTTP/1.1 www.stjohnsatlanta.org/uploads/2/1/8/1/21816954/published/257144852.png
IP
File type PNG image data, 930 x 239, 8-bit/color RGBA, non-interlaced\012- data
Size 645 kB (644656 bytes)
Hash 0955278f48e32483fd9578f3966bd105
25801f6c80036c8f57b27c6dce7fab071d9ff669
b71d857f394cf5f60a906309706030f6c9f056151eaf33bc747edf3f8ba801f5
GET /uploads/2/1/8/1/21816954/published/257144852.png HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:56 GMT
Content-Type: image/png
Content-Length: 644656
Connection: keep-alive
Last-Modified: Tue, 05 Feb 2019 21:12:33 GMT
x-rgw-object-type: Normal
ETag: "0955278f48e32483fd9578f3966bd105"
x-amz-request-id: tx00000000000003bc8fafa-0063842ca1-c669cc6-sfo1
X-Storage-Bucket: zb71d
X-Storage-Object: b71d857f394cf5f60a906309706030f6c9f056151eaf33bc747edf3f8ba801f5
X-Host: blu84.sf2p.intern.weebly.net
Accept-Ranges: bytes
i.vimeocdn.com/portrait/134021_60x60
200 OK 1.6 kB URL HTTP/2 i.vimeocdn.com/portrait/134021_60x60
IP
File type ISO Media, AVIF Image\012- data
Hash f097e40ea1ae4aeeaa4cfe9b3e2facfe
0f32775d07d6ea1abe2409cf04470d3466c9a15f
a0bad4a1debf6c43c6e2b76e9fd5f430c2ec5d504e8403ddd7aaaf688c96f02f
GET /portrait/134021_60x60 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: f097e40ea1ae4aeeaa4cfe9b3e2facfe
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-wrs8
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 13 Dec 2022 15:06:57 GMT
age: 2145384
x-served-by: cache-dfw-kdfw8210095-DFW, cache-bma1622-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 32, 0
x-timer: S1670944017.268523,VS0,VE135
vary: Accept
content-length: 1586
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Dec 2022 15:06:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=53a716f830bcdbece7d6f64ba8f8fb6b029e25bf1670944016
200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=53a716f830bcdbece7d6f64ba8f8fb6b029e25bf1670944016
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=53a716f830bcdbece7d6f64ba8f8fb6b029e25bf1670944016 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1429
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Dec 2022 15:06:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP
Hash 90dc7006a4d789ab0aeb6134faf547fd
6b2e29b820e09fbb8341b71eb3bc9954bf6bf52e
7a96bcc9af2b41214cbc810b41107d25447896a86b2a85dba438e0d57e9a7bd7
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Tue, 13 Dec 2022 13:33:34 GMT
Expires: Tue, 13 Dec 2022 15:33:34 GMT
Cache-Control: public, max-age=7200
Age: 5603
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Dec 2022 15:06:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c31c042131b599aedb5d581fb27572ea502c63621670944015
200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c31c042131b599aedb5d581fb27572ea502c63621670944015
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=c31c042131b599aedb5d581fb27572ea502c63621670944015 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1429
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Dec 2022 15:06:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
IP
File type ASCII text, with very long lines (649)
Size 163 kB (163396 bytes)
Hash aa75370bb1ce2d5b05b0d02f6feecba4
f110915b53288da7b267c51210cfc239dc0b5591
cfb8dadaba93a5e0a08739ce589b55cc61fb93d0c616da564394ce925bef6197
GET /recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 14:04:44 GMT
expires: Tue, 12 Dec 2023 14:04:44 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
content-type: text/javascript
age: 90133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 15:06:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.stjohnsatlanta.org/favicon.ico
200 OK 894 B URL HTTP/1.1 www.stjohnsatlanta.org/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Hash 5e0f6074df120994afba41466682fbc5
8f9fb2cf70e17072e820f1bbd60124e41cfbd443
ea8d7d69cc222ade5eae77601c3a3552c5d6039e26f61b3de5040c178c527d2e
GET /favicon.ico HTTP/1.1
Host: www.stjohnsatlanta.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: is_mobile=0; language=en; _snow_ses.24aa=*; _snow_id.24aa=cc9bfc67-8e9d-43ed-9c30-890dcdbe7d2e.1670944014.1.1670944014.1670944014.26fdb53f-fba5-4893-b37f-4cb8766a77dd; site_session=63989510cb1e82.02230432
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 894
Connection: keep-alive
Last-Modified: Tue, 05 Nov 2019 20:04:31 GMT
x-rgw-object-type: Normal
ETag: "5e0f6074df120994afba41466682fbc5"
x-amz-request-id: tx00000000000003c6afd81-006386798f-c67eadd-sfo1
X-Storage-Bucket: zea8d
X-Storage-Object: ea8d7d69cc222ade5eae77601c3a3552c5d6039e26f61b3de5040c178c527d2e
X-Host: grn72.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=341274018&utmhn=www.stjohnsatlanta.org&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=St.%20John%27s%20Lutheran%20Church%20-%20Home&utmhid=1365131697&utmr=-&utmp=%2F&utmht=1670944015374&utmac=UA-11900795-2&utmcc=__utma%3D179321702.1303975060.1670944015.1670944015.1670944015.1%3B%2B__utmz%3D179321702.1670944015.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1109955285&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=341274018&utmhn=www.stjohnsatlanta.org&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=St.%20John%27s%20Lutheran%20Church%20-%20Home&utmhid=1365131697&utmr=-&utmp=%2F&utmht=1670944015374&utmac=UA-11900795-2&utmcc=__utma%3D179321702.1303975060.1670944015.1670944015.1670944015.1%3B%2B__utmz%3D179321702.1670944015.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1109955285&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=341274018&utmhn=www.stjohnsatlanta.org&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=St.%20John%27s%20Lutheran%20Church%20-%20Home&utmhid=1365131697&utmr=-&utmp=%2F&utmht=1670944015374&utmac=UA-11900795-2&utmcc=__utma%3D179321702.1303975060.1670944015.1670944015.1670944015.1%3B%2B__utmz%3D179321702.1670944015.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1109955285&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 15:06:57 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash cb1c7fb67b2b16622526b64e96dc5ba7
4fdf088de7b591e7dcf46b86a44defb3432cd786
94660fd13ead462adf2d39b830ae41fc429f407dbb2ac0d68311d77abd9261ed
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: uid_id2=7f451870-86de-4222-8b43-8e3bf4543426:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.stjohnsatlanta.org
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d465f7023cf19470e83be28ff7fd5cad
626750d58d064b8c50fb0064f49ff6c4b8b201b3
74822ecb6625bd40505d7a22292254743f13fb9302dae6b38ed4fee80a864582
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "74822ECB6625BD40505D7A22292254743F13FB9302DAE6B38ED4FEE80A864582"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8456
Expires: Tue, 13 Dec 2022 17:27:53 GMT
Date: Tue, 13 Dec 2022 15:06:57 GMT
Connection: keep-alive
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTuZ3%2BEUQE7140UEQVGS2e77HIMEYVxbX%2FcgHq8fqqurZytZUNVXd07N7WgxIjiMoJJ56n9nNogYx3gWZFSQsiDuXsAf36D8gBI%2FSk4HRF%2Fp936ef9%2FA871uf76VnxEdKT9c%2BNjtSKbrQqPjlNzak5iZz5ZWb5cCv%2BJfLG1I365fLgyLZ%2FjuB36j4b5Y%2FFGzLLFT9wPcDPygvSisiM1iYspDxw05Q6fiVerUSNOoY2P9il3pw1APvn5FLkHzyv83HjyDZGLr3wzXhthITv%2F1BL1U0MRZ9fnhLb2mTafTmbWQ9RPpwNg3jJoTcOwejD2cOYPr7hQOEckK8JwFCfTiTibB%2F8ExpqCA0Qv4csv4YQo0h6RjM3IHkJwRgHCur0L0HK8ZmdPsZSwt2QkpP%2F4LMJqT0x0vQve%2BvKjko3zAqTaTRDoMohxyMIbtjxOkRkh0PMjsCSz6D5L%2BRhafL0L39VacMJM%2Bn7qUcQ0ZjKDEEdR7S4pMe0shDGnvo8dMybXQi329FYVSrteuMsVqNsUa7yRu8Vm9HPlJWyBsiiYdgaghmdxHbXWzJL04al2DTn%2BE2czjuwSUT4q3vos9zZIIgcwQZJcgkQZYQZP38gCtXdfkDrlwaBrNandVaPjJJd48emKQrNNmLz8jFYjXexT93sSVOy81mU4R%2Bi4s2q1b9sOM3gxZtUD%2FkjXatU2VwMod056Zud%2BSEvHr%2FE8RyQv6%2F7hDSIzh1BCbPg6YBaDZqVX3QzVG97WNH%2F%2BiS22ZTO5ooqhNaMbYLbnLESQnJtrenzsjL00O98nsdgh1f%2BfXCu%2FHoyQUwmyO2OW7LXwi66u7ousnI%2FnWTOfJoNU5kT%2B7Q4og3EpqI899%2BJLYzY%2FnSNTf85j1WEEX78KZwyTLVXOquI99dlZwLu2gsE%2BSnJbchwrXUbV5NrU7j5bX3F5d6sRXOSaPHoPJk9W8wOSGl11%2BcPs%2FnT96CtGPYNEcvPSazgDRHYPEuXDxX7wyBVfOZMPaQpfnIVsP5TyUJlJhjGuZw%2F8LhvN9zd9G1JdDkDnQvR9%2Fm6KscVA3h0gujJLbHVx7fL%2BJrhKo0CpUt7YfKqi%2Bnq52Q10rrRfq0SLfg5GlZNCI%2FEn5VhFEnjFrU552o3glpJxCtsEEDJG7C7n31wj8AAAD%2F%2FwEAAP%2F%2FakwWZYUEAAA%3D
200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTuZ3%2BEUQE7140UEQVGS2e77HIMEYVxbX%2FcgHq8fqqurZytZUNVXd07N7WgxIjiMoJJ56n9nNogYx3gWZFSQsiDuXsAf36D8gBI%2FSk4HRF%2Fp936ef9%2FA871uf76VnxEdKT9c%2BNjtSKbrQqPjlNzak5iZz5ZWb5cCv%2BJfLG1I365fLgyLZ%2FjuB36j4b5Y%2FFGzLLFT9wPcDPygvSisiM1iYspDxw05Q6fiVerUSNOoY2P9il3pw1APvn5FLkHzyv83HjyDZGLr3wzXhthITv%2F1BL1U0MRZ9fnhLb2mTafTmbWQ9RPpwNg3jJoTcOwejD2cOYPr7hQOEckK8JwFCfTiTibB%2F8ExpqCA0Qv4csv4YQo0h6RjM3IHkJwRgHCur0L0HK8ZmdPsZSwt2QkpP%2F4LMJqT0x0vQve%2BvKjko3zAqTaTRDoMohxyMIbtjxOkRkh0PMjsCSz6D5L%2BRhafL0L39VacMJM%2Bn7qUcQ0ZjKDEEdR7S4pMe0shDGnvo8dMybXQi329FYVSrteuMsVqNsUa7yRu8Vm9HPlJWyBsiiYdgaghmdxHbXWzJL04al2DTn%2BE2czjuwSUT4q3vos9zZIIgcwQZJcgkQZYQZP38gCtXdfkDrlwaBrNandVaPjJJd48emKQrNNmLz8jFYjXexT93sSVOy81mU4R%2Bi4s2q1b9sOM3gxZtUD%2FkjXatU2VwMod056Zud%2BSEvHr%2FE8RyQv6%2F7hDSIzh1BCbPg6YBaDZqVX3QzVG97WNH%2F%2BiS22ZTO5ooqhNaMbYLbnLESQnJtrenzsjL00O98nsdgh1f%2BfXCu%2FHoyQUwmyO2OW7LXwi66u7ousnI%2FnWTOfJoNU5kT%2B7Q4og3EpqI899%2BJLYzY%2FnSNTf85j1WEEX78KZwyTLVXOquI99dlZwLu2gsE%2BSnJbchwrXUbV5NrU7j5bX3F5d6sRXOSaPHoPJk9W8wOSGl11%2BcPs%2FnT96CtGPYNEcvPSazgDRHYPEuXDxX7wyBVfOZMPaQpfnIVsP5TyUJlJhjGuZw%2F8LhvN9zd9G1JdDkDnQvR9%2Fm6KscVA3h0gujJLbHVx7fL%2BJrhKo0CpUt7YfKqi%2Bnq52Q10rrRfq0SLfg5GlZNCI%2FEn5VhFEnjFrU552o3glpJxCtsEEDJG7C7n31wj8AAAD%2F%2FwEAAP%2F%2FakwWZYUEAAA%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTuZ3%2BEUQE7140UEQVGS2e77HIMEYVxbX%2FcgHq8fqqurZytZUNVXd07N7WgxIjiMoJJ56n9nNogYx3gWZFSQsiDuXsAf36D8gBI%2FSk4HRF%2Fp936ef9%2FA871uf76VnxEdKT9c%2BNjtSKbrQqPjlNzak5iZz5ZWb5cCv%2BJfLG1I365fLgyLZ%2FjuB36j4b5Y%2FFGzLLFT9wPcDPygvSisiM1iYspDxw05Q6fiVerUSNOoY2P9il3pw1APvn5FLkHzyv83HjyDZGLr3wzXhthITv%2F1BL1U0MRZ9fnhLb2mTafTmbWQ9RPpwNg3jJoTcOwejD2cOYPr7hQOEckK8JwFCfTiTibB%2F8ExpqCA0Qv4csv4YQo0h6RjM3IHkJwRgHCur0L0HK8ZmdPsZSwt2QkpP%2F4LMJqT0x0vQve%2BvKjko3zAqTaTRDoMohxyMIbtjxOkRkh0PMjsCSz6D5L%2BRhafL0L39VacMJM%2Bn7qUcQ0ZjKDEEdR7S4pMe0shDGnvo8dMybXQi329FYVSrteuMsVqNsUa7yRu8Vm9HPlJWyBsiiYdgaghmdxHbXWzJL04al2DTn%2BE2czjuwSUT4q3vos9zZIIgcwQZJcgkQZYQZP38gCtXdfkDrlwaBrNandVaPjJJd48emKQrNNmLz8jFYjXexT93sSVOy81mU4R%2Bi4s2q1b9sOM3gxZtUD%2FkjXatU2VwMod056Zud%2BSEvHr%2FE8RyQv6%2F7hDSIzh1BCbPg6YBaDZqVX3QzVG97WNH%2F%2BiS22ZTO5ooqhNaMbYLbnLESQnJtrenzsjL00O98nsdgh1f%2BfXCu%2FHoyQUwmyO2OW7LXwi66u7ousnI%2FnWTOfJoNU5kT%2B7Q4og3EpqI899%2BJLYzY%2FnSNTf85j1WEEX78KZwyTLVXOquI99dlZwLu2gsE%2BSnJbchwrXUbV5NrU7j5bX3F5d6sRXOSaPHoPJk9W8wOSGl11%2BcPs%2FnT96CtGPYNEcvPSazgDRHYPEuXDxX7wyBVfOZMPaQpfnIVsP5TyUJlJhjGuZw%2F8LhvN9zd9G1JdDkDnQvR9%2Fm6KscVA3h0gujJLbHVx7fL%2BJrhKo0CpUt7YfKqi%2Bnq52Q10rrRfq0SLfg5GlZNCI%2FEn5VhFEnjFrU552o3glpJxCtsEEDJG7C7n31wj8AAAD%2F%2FwEAAP%2F%2FakwWZYUEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: u_pl=17950336; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec666eb07de8c220b90617a5a0bd58392c=[2019380,2229329,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 499cbc7b38771b04aeeca6b2ccc5eecc
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
200 OK 24 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/jpeg
Content-Length: 24518
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:58:34 GMT
ETag: "5eaa852a-5fc6"
Expires: Thu, 15 Dec 2022 15:06:57 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
200 OK 28 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/jpeg
Content-Length: 27832
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:58:58 GMT
ETag: "5eaa8542-6cb8"
Expires: Thu, 15 Dec 2022 15:06:57 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
200 OK 23 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/jpeg
Content-Length: 22757
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:56:41 GMT
ETag: "5eaa84b9-58e5"
Expires: Thu, 15 Dec 2022 15:06:57 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
200 OK 32 kB URL HTTP/1.1 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/jpeg
Content-Length: 32471
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 30 Apr 2020 07:58:05 GMT
ETag: "5eaa850d-7ed7"
Expires: Thu, 15 Dec 2022 15:06:57 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuTsaD8ZJEL150EAQFme2e%2FzFIMMbI4ro%2F%2BWH1WF1VPVvZmqqmqnt6dk%2BLAclxBIXEU%2B83u1nUIMa7ILOChEVx5xL24B69eRKCR%2BnJwOiDfu99%2Fb3D971Xn%2B2mp8RHSk9WPzLbUim60Kj45TfWpeYmc%2BXlm%2BXAr%2FiXyutSN%2BuXyoMi2f7bgd%2Bo%2BG%2BWPxBs0yxU%2FcD3Az8oX5NWRGawMGUh44edoNLxK%2FVqJWjUMbD%2Fxy714KgH3j8lFyH55LmNx48g2Ri69%2F1V4TYTE7%2F1fi9VNDEWfX5wS29qk2n05m1kPUT6YDYN4yaE3DsDow9mDmD6e4UDhHJCvCcBQn0wk4mwv%2F9MaaggNEL%2BArL%2BGEKNIekYzNyB5McEYBzLK9C9B8vGZnTrGUsLdkJKT%2F%2BGzCak9MdL0L3vrig5KN8wKk2k0Q6DKIccjCG7Y8TpIZJtDzI7BEs%2BheS%2FkYWnS9C9vRWnDCTPp%2B6lHENGYygxBHUe0uKTHtLIQxp76PGTMm10It9vRWFUq7XrjLFajbFGu8kbvFZvRz5SVsgbIomHYGoIZncQ2x1sys%2BPGxdh05%2FgNnI47sElE%2BKt7aDPc2SCIHMEGSXIJEGWEGT9fJ8rV3X5A65cGgazWp3VWj4ySXeX7pukKzTZjU%2FJhWI13oU%2Fd7ApTsrNZlOEfouLNqtW%2FbDjN4MWbVA%2F5I12rVNlcDKHdGembrflhLx6%2F2PEckKeX3MI6SGcOgSTZ0HTADQbtao%2B6Mao3vaxrX9wyW2zoR1NFNUJrRjbBTc54qSEZMvbVafk5emhXiutQbCjy7%2BceycePTkHZnPENsdt%2BTNBV90dXTcZ2btuMkcercSJ7MltWhzxRkITcfabD8VWZixfvOqGX7%2FLCqJoH94ULlmimkvddeTbK5JzYa8ZywT5cdGti3A1dRtXUqvTeGn1vWuLvdgK56TRY1B5vPIPmJyQ0usvTp%2Fn%2BV%2F%2FgrRj2DRHLz0is4A0h2DxDlw8V%2B8MgVXzmTA%2BgyzNR7Yazn8qSaDEHNMwh%2FsPDuf9rruLri2BJnegezn6Nkdf5aBqCJeeGyWxPbr8%2BH4RXyFUpVGobGkvVFZ9MSGv%2FF6f7rdInxTpFpw8KYtG5EfCr4ow6oRRi%2Fq8E9U7Ie0EohU2aIDETdi9L8%2F%2FCwAA%2F%2F8BAAD%2F%2F3YTvsCFBAAA
200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuTsaD8ZJEL150EAQFme2e%2FzFIMMbI4ro%2F%2BWH1WF1VPVvZmqqmqnt6dk%2BLAclxBIXEU%2B83u1nUIMa7ILOChEVx5xL24B69eRKCR%2BnJwOiDfu99%2Fb3D971Xn%2B2mp8RHSk9WPzLbUim60Kj45TfWpeYmc%2BXlm%2BXAr%2FiXyutSN%2BuXyoMi2f7bgd%2Bo%2BG%2BWPxBs0yxU%2FcD3Az8oX5NWRGawMGUh44edoNLxK%2FVqJWjUMbD%2Fxy714KgH3j8lFyH55LmNx48g2Ri69%2F1V4TYTE7%2F1fi9VNDEWfX5wS29qk2n05m1kPUT6YDYN4yaE3DsDow9mDmD6e4UDhHJCvCcBQn0wk4mwv%2F9MaaggNEL%2BArL%2BGEKNIekYzNyB5McEYBzLK9C9B8vGZnTrGUsLdkJKT%2F%2BGzCak9MdL0L3vrig5KN8wKk2k0Q6DKIccjCG7Y8TpIZJtDzI7BEs%2BheS%2FkYWnS9C9vRWnDCTPp%2B6lHENGYygxBHUe0uKTHtLIQxp76PGTMm10It9vRWFUq7XrjLFajbFGu8kbvFZvRz5SVsgbIomHYGoIZncQ2x1sys%2BPGxdh05%2FgNnI47sElE%2BKt7aDPc2SCIHMEGSXIJEGWEGT9fJ8rV3X5A65cGgazWp3VWj4ySXeX7pukKzTZjU%2FJhWI13oU%2Fd7ApTsrNZlOEfouLNqtW%2FbDjN4MWbVA%2F5I12rVNlcDKHdGembrflhLx6%2F2PEckKeX3MI6SGcOgSTZ0HTADQbtao%2B6Mao3vaxrX9wyW2zoR1NFNUJrRjbBTc54qSEZMvbVafk5emhXiutQbCjy7%2BceycePTkHZnPENsdt%2BTNBV90dXTcZ2btuMkcercSJ7MltWhzxRkITcfabD8VWZixfvOqGX7%2FLCqJoH94ULlmimkvddeTbK5JzYa8ZywT5cdGti3A1dRtXUqvTeGn1vWuLvdgK56TRY1B5vPIPmJyQ0usvTp%2Fn%2BV%2F%2FgrRj2DRHLz0is4A0h2DxDlw8V%2B8MgVXzmTA%2BgyzNR7Yazn8qSaDEHNMwh%2FsPDuf9rruLri2BJnegezn6Nkdf5aBqCJeeGyWxPbr8%2BH4RXyFUpVGobGkvVFZ9MSGv%2FF6f7rdInxTpFpw8KYtG5EfCr4ow6oRRi%2Fq8E9U7Ie0EohU2aIDETdi9L8%2F%2FCwAA%2F%2F8BAAD%2F%2F3YTvsCFBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuTsaD8ZJEL150EAQFme2e%2FzFIMMbI4ro%2F%2BWH1WF1VPVvZmqqmqnt6dk%2BLAclxBIXEU%2B83u1nUIMa7ILOChEVx5xL24B69eRKCR%2BnJwOiDfu99%2Fb3D971Xn%2B2mp8RHSk9WPzLbUim60Kj45TfWpeYmc%2BXlm%2BXAr%2FiXyutSN%2BuXyoMi2f7bgd%2Bo%2BG%2BWPxBs0yxU%2FcD3Az8oX5NWRGawMGUh44edoNLxK%2FVqJWjUMbD%2Fxy714KgH3j8lFyH55LmNx48g2Ri69%2F1V4TYTE7%2F1fi9VNDEWfX5wS29qk2n05m1kPUT6YDYN4yaE3DsDow9mDmD6e4UDhHJCvCcBQn0wk4mwv%2F9MaaggNEL%2BArL%2BGEKNIekYzNyB5McEYBzLK9C9B8vGZnTrGUsLdkJKT%2F%2BGzCak9MdL0L3vrig5KN8wKk2k0Q6DKIccjCG7Y8TpIZJtDzI7BEs%2BheS%2FkYWnS9C9vRWnDCTPp%2B6lHENGYygxBHUe0uKTHtLIQxp76PGTMm10It9vRWFUq7XrjLFajbFGu8kbvFZvRz5SVsgbIomHYGoIZncQ2x1sys%2BPGxdh05%2FgNnI47sElE%2BKt7aDPc2SCIHMEGSXIJEGWEGT9fJ8rV3X5A65cGgazWp3VWj4ySXeX7pukKzTZjU%2FJhWI13oU%2Fd7ApTsrNZlOEfouLNqtW%2FbDjN4MWbVA%2F5I12rVNlcDKHdGembrflhLx6%2F2PEckKeX3MI6SGcOgSTZ0HTADQbtao%2B6Mao3vaxrX9wyW2zoR1NFNUJrRjbBTc54qSEZMvbVafk5emhXiutQbCjy7%2BceycePTkHZnPENsdt%2BTNBV90dXTcZ2btuMkcercSJ7MltWhzxRkITcfabD8VWZixfvOqGX7%2FLCqJoH94ULlmimkvddeTbK5JzYa8ZywT5cdGti3A1dRtXUqvTeGn1vWuLvdgK56TRY1B5vPIPmJyQ0usvTp%2Fn%2BV%2F%2FgrRj2DRHLz0is4A0h2DxDlw8V%2B8MgVXzmTA%2BgyzNR7Yazn8qSaDEHNMwh%2FsPDuf9rruLri2BJnegezn6Nkdf5aBqCJeeGyWxPbr8%2BH4RXyFUpVGobGkvVFZ9MSGv%2FF6f7rdInxTpFpw8KYtG5EfCr4ow6oRRi%2Fq8E9U7Ie0EohU2aIDETdi9L8%2F%2FCwAA%2F%2F8BAAD%2F%2F3YTvsCFBAAA HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: u_pl=17950336; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec666eb07de8c220b90617a5a0bd58392c=[2019380,2229329,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac89938f704d2f20bb0c9f205d186ccc
Strict-Transport-Security: max-age=0; includeSubdomains
temperrunnersdale.com/sbar.json?key=736f429aa1eba40eba1a6ff216f02d37
200 OK 4.2 kB URL HTTP/1.1 temperrunnersdale.com/sbar.json?key=736f429aa1eba40eba1a6ff216f02d37
IP
File type JSON data\012- , ASCII text, with very long lines (5976), with no line terminators
Hash 3b879d6050af2d2a7884147c9bcf99d7
7963c2435f6ee64907d017cafb1137288feb4b38
555e10ef7f15d91acfef4c96217bd4769e0dcef542a0c4a5327e86dc1ab9d357
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=736f429aa1eba40eba1a6ff216f02d37 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.stjohnsatlanta.org
Access-Control-Allow-Origin: http://www.stjohnsatlanta.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17949921; expires=Wed, 14 Dec 2022 15:06:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 14 Dec 2022 15:06:57 GMT; secure; SameSite=None
uncs=1; expires=Wed, 14 Dec 2022 15:06:57 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 14 Dec 2022 15:06:57 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 14 Dec 2022 15:06:57 GMT; secure; SameSite=None
slec736f429aa1eba40eba1a6ff216f02d37=[3078189]; expires=Tue, 13 Dec 2022 15:07:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 557b3465776a16ebe211eb74639cd741
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRuuTuaDz3hJohdBdBAUBZntnv8xSDDGSHDdn%2Fyweqyuqp6tbE1VU9U9PbunxYDkOIJC4qn3md0sxkWMd0FmBQmL4s4l7ME9Cp48CMGj9GRg9YV%2Bf%2Fp5D8%2FzvPXpVnpMfKT0aOlDsyGVonONil9%2BfUVqbjJXXrhRDvyKf6G8InWzfqE8KJLtvxX4jYr%2FRvl9wdbMXNUPfD%2Fwg%2FIVaUVkBnNTFDLe6wSVjl%2BpVytBo46B%2Fe%2FsUg%2BOeuD9Y3Iekk%2F%2Bt%2FroISQbQ%2Fe%2BvSzcWmLiN9%2FrpYomxqLPd2%2FqNW0yjd5JG1kPkd6dbcO4CSF3T8Ho3ZkCmP52oQChnBDvcYBQ785oIuzvPGUaKgiNkD%2BLrD%2BGUGNIOgYztyH5IQEYx8IidO%2F%2BgrEZXX%2BK0gKdkNKTvyCzCSn99jx075tLSg7K141KE2m0wyDKIQdjyO4YcbqPZMODzPbBkk8g%2BS9k7sk8dG970SkDyfOpeinHkNEYSgxBnYe0%2BKSHNPKQxh56%2FKhMG53I91tRGNVq7TpjrFZjrNFu8gav1duRj5QV9IZI4iGYGoLZTcR2E2vys8PGedj0B7jVHI57cMmEeMub6PMcmSDIHEFGCTJJkCUEWT%2Ff4cpVXX6fK5eGwaxWZ7WWj0zS3aI7JukKTbbiY3KusMY79%2Fsm1sRRudlsitBvcdFm1aofdvxm0KIN6oe80a51qgxO5pDu1FTthpyQl%2B99hFhOyDPLDiHdh1P7YPI0aBqAZqNW1QddHdXbPjb0dy65ZVa1o4miOqEVY7vgJkeclJCse1vqmLwwPdQrpY8h2MHFn868HY8enwGzOWKb45b8kaCr7oyumYxsXzOZIw8X40T25AYtjng9oYk4%2FeADsZ4Zy69edsOv3mEFULR7N4RL5qnmUncd%2BfqS5FzYK8YyQb6%2F6lZEuJS61Uup1Wk8v%2FTulau92ArnpNFjUHm4%2BDeYnJDSq89Nn%2BfZn%2F%2BEtGPYNEcvPSCzgDT7YPEmXHxw8cGLe%2F8PXvsDzhBYdbITxqeRpfnIVsOTn0oSKHEy0zCH%2B9ccnvRb7g66tgSa3Ibu5ejbHH2Vg6ohXHpmlMT24OKje0V8iVCVRqGype1QWfX5hLz0a73wd3lqcpFuwsmjsmhEfiT8qgijThi1qM87Ub0T0k4gWmGDBkjchN394uw%2FAAAA%2F%2F8BAAD%2F%2FxDqpzaFBAAA
200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRuuTuaDz3hJohdBdBAUBZntnv8xSDDGSHDdn%2Fyweqyuqp6tbE1VU9U9PbunxYDkOIJC4qn3md0sxkWMd0FmBQmL4s4l7ME9Cp48CMGj9GRg9YV%2Bf%2Fp5D8%2FzvPXpVnpMfKT0aOlDsyGVonONil9%2BfUVqbjJXXrhRDvyKf6G8InWzfqE8KJLtvxX4jYr%2FRvl9wdbMXNUPfD%2Fwg%2FIVaUVkBnNTFDLe6wSVjl%2BpVytBo46B%2Fe%2FsUg%2BOeuD9Y3Iekk%2F%2Bt%2FroISQbQ%2Fe%2BvSzcWmLiN9%2FrpYomxqLPd2%2FqNW0yjd5JG1kPkd6dbcO4CSF3T8Ho3ZkCmP52oQChnBDvcYBQ785oIuzvPGUaKgiNkD%2BLrD%2BGUGNIOgYztyH5IQEYx8IidO%2F%2BgrEZXX%2BK0gKdkNKTvyCzCSn99jx075tLSg7K141KE2m0wyDKIQdjyO4YcbqPZMODzPbBkk8g%2BS9k7sk8dG970SkDyfOpeinHkNEYSgxBnYe0%2BKSHNPKQxh56%2FKhMG53I91tRGNVq7TpjrFZjrNFu8gav1duRj5QV9IZI4iGYGoLZTcR2E2vys8PGedj0B7jVHI57cMmEeMub6PMcmSDIHEFGCTJJkCUEWT%2Ff4cpVXX6fK5eGwaxWZ7WWj0zS3aI7JukKTbbiY3KusMY79%2Fsm1sRRudlsitBvcdFm1aofdvxm0KIN6oe80a51qgxO5pDu1FTthpyQl%2B99hFhOyDPLDiHdh1P7YPI0aBqAZqNW1QddHdXbPjb0dy65ZVa1o4miOqEVY7vgJkeclJCse1vqmLwwPdQrpY8h2MHFn868HY8enwGzOWKb45b8kaCr7oyumYxsXzOZIw8X40T25AYtjng9oYk4%2FeADsZ4Zy69edsOv3mEFULR7N4RL5qnmUncd%2BfqS5FzYK8YyQb6%2F6lZEuJS61Uup1Wk8v%2FTulau92ArnpNFjUHm4%2BDeYnJDSq89Nn%2BfZn%2F%2BEtGPYNEcvPSCzgDT7YPEmXHxw8cGLe%2F8PXvsDzhBYdbITxqeRpfnIVsOTn0oSKHEy0zCH%2B9ccnvRb7g66tgSa3Ibu5ejbHH2Vg6ohXHpmlMT24OKje0V8iVCVRqGype1QWfX5hLz0a73wd3lqcpFuwsmjsmhEfiT8qgijThi1qM87Ub0T0k4gWmGDBkjchN394uw%2FAAAA%2F%2F8BAAD%2F%2FxDqpzaFBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRuuTuaDz3hJohdBdBAUBZntnv8xSDDGSHDdn%2Fyweqyuqp6tbE1VU9U9PbunxYDkOIJC4qn3md0sxkWMd0FmBQmL4s4l7ME9Cp48CMGj9GRg9YV%2Bf%2Fp5D8%2FzvPXpVnpMfKT0aOlDsyGVonONil9%2BfUVqbjJXXrhRDvyKf6G8InWzfqE8KJLtvxX4jYr%2FRvl9wdbMXNUPfD%2Fwg%2FIVaUVkBnNTFDLe6wSVjl%2BpVytBo46B%2Fe%2FsUg%2BOeuD9Y3Iekk%2F%2Bt%2FroISQbQ%2Fe%2BvSzcWmLiN9%2FrpYomxqLPd2%2FqNW0yjd5JG1kPkd6dbcO4CSF3T8Ho3ZkCmP52oQChnBDvcYBQ785oIuzvPGUaKgiNkD%2BLrD%2BGUGNIOgYztyH5IQEYx8IidO%2F%2BgrEZXX%2BK0gKdkNKTvyCzCSn99jx075tLSg7K141KE2m0wyDKIQdjyO4YcbqPZMODzPbBkk8g%2BS9k7sk8dG970SkDyfOpeinHkNEYSgxBnYe0%2BKSHNPKQxh56%2FKhMG53I91tRGNVq7TpjrFZjrNFu8gav1duRj5QV9IZI4iGYGoLZTcR2E2vys8PGedj0B7jVHI57cMmEeMub6PMcmSDIHEFGCTJJkCUEWT%2Ff4cpVXX6fK5eGwaxWZ7WWj0zS3aI7JukKTbbiY3KusMY79%2Fsm1sRRudlsitBvcdFm1aofdvxm0KIN6oe80a51qgxO5pDu1FTthpyQl%2B99hFhOyDPLDiHdh1P7YPI0aBqAZqNW1QddHdXbPjb0dy65ZVa1o4miOqEVY7vgJkeclJCse1vqmLwwPdQrpY8h2MHFn868HY8enwGzOWKb45b8kaCr7oyumYxsXzOZIw8X40T25AYtjng9oYk4%2FeADsZ4Zy69edsOv3mEFULR7N4RL5qnmUncd%2BfqS5FzYK8YyQb6%2F6lZEuJS61Uup1Wk8v%2FTulau92ArnpNFjUHm4%2BDeYnJDSq89Nn%2BfZn%2F%2BEtGPYNEcvPSCzgDT7YPEmXHxw8cGLe%2F8PXvsDzhBYdbITxqeRpfnIVsOTn0oSKHEy0zCH%2B9ccnvRb7g66tgSa3Ibu5ejbHH2Vg6ohXHpmlMT24OKje0V8iVCVRqGype1QWfX5hLz0a73wd3lqcpFuwsmjsmhEfiT8qgijThi1qM87Ub0T0k4gWmGDBkjchN394uw%2FAAAA%2F%2F8BAAD%2F%2FxDqpzaFBAAA HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: u_pl=17950336; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec666eb07de8c220b90617a5a0bd58392c=[2019380,2229329,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d666cb23083f765f57988061f4c10acb
Strict-Transport-Security: max-age=0; includeSubdomains
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTsaD8ZJEL150EAQFme2e%2FzFIMMaVxXV%2F8sPqsbqqerayNVVNVff07J4WA5LjCAqJp943u1nUIMa7ILOChEVx5xL24B49ehGCR%2BndgdEP%2Bvvp9x3ee199tpOeEB8pPV75yGxJpehco%2BKX31iTmpvMlZdulQO%2F4l8pr0ndrF8pD4pk%2B28HfqPiv1n%2BQLANM1f1A98P%2FKA8L62IzGDuFIWMH3WCSsev1KuVoFHHwP5%2FdqkHRz3w%2Fgm5DMknz60%2FeQzJxtC9768Lt5GY%2BK33e6miibHo8%2F3bekObTKM3ayPrIdL7020YNyHk%2FjkYvT9VANPfLRQglBPiPQ0Q6v0pTYT9vTOmoYLQCPkLyPpjCDWGpGMwcxeSHxGAcSwtQ%2FceLhmb0c0zlBbohJSe%2FQ2ZTUjpj5ege99dU3JQvmlUmkijHQZRDjkYQ3bHiNMDJFseZHYAlnwKyX8jc88WoXu7y04ZSJ6fqpdyDBmNocQQ1HlIi096SCMPaeyhx4%2FLtNGJfL8VhVGt1q4zxmo1xhrtJm%2FwWr0d%2BUhZQW%2BIJB6CqSGY3UZst7EhPz9qXIZNf4Jbz%2BG4B5dMiLe6jT7PkQmCzBFklCCTBFlCkPXzPa5c1eUPuXJpGExrdVpr%2Bcgk3R26Z5Ku0GQnPiGXCmu8S39uY0Mcl5vNpgj9FhdtVq36YcdvBi3aoH7IG%2B1ap8rgZA7pzp2q3ZIT8uqDjxHLCXl%2B1SGkB3DqAEyeB00D0GzUqvqg66N628eW%2FsEld8y6djRRVCe0YmwX3OSIkxKSTW9HnZCXTw%2F1Wuk2BDu8%2BsuFd%2BLR0wtgNkdsc9yRPxN01b3RDZOR3Rsmc%2BTxcpzIntyixRFvJjQR57%2F5UGxmxvKF62749busAIr20S3hkkWqudRdR769JjkXdt5YJsiPC25NhCupW7%2BWWp3GiyvvzS%2F0Yiuck0aPQeXR8j9gckJKr794%2Bjwv%2FvoXpB3Dpjl66SGZBqQ5AIu34eIZe2cIrJrthHEJWZqPbDWc%2FVSSQInZTMMc7j9zOOt33D10bQk0uQvdy9G3OfoqB1VDuPTCKInt4dUnD4r4CqEqjUJlS7uhsuqLCXnl93rh72qRPjlz2snjsmhEfiT8qgijThi1qM87Ub0T0k4gWmGDBkjchN3%2F8uK%2FAAAA%2F%2F8BAAD%2F%2F8re6rKFBAAA
200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTsaD8ZJEL150EAQFme2e%2FzFIMMaVxXV%2F8sPqsbqqerayNVVNVff07J4WA5LjCAqJp943u1nUIMa7ILOChEVx5xL24B49ehGCR%2BndgdEP%2Bvvp9x3ee199tpOeEB8pPV75yGxJpehco%2BKX31iTmpvMlZdulQO%2F4l8pr0ndrF8pD4pk%2B28HfqPiv1n%2BQLANM1f1A98P%2FKA8L62IzGDuFIWMH3WCSsev1KuVoFHHwP5%2FdqkHRz3w%2Fgm5DMknz60%2FeQzJxtC9768Lt5GY%2BK33e6miibHo8%2F3bekObTKM3ayPrIdL7020YNyHk%2FjkYvT9VANPfLRQglBPiPQ0Q6v0pTYT9vTOmoYLQCPkLyPpjCDWGpGMwcxeSHxGAcSwtQ%2FceLhmb0c0zlBbohJSe%2FQ2ZTUjpj5ege99dU3JQvmlUmkijHQZRDjkYQ3bHiNMDJFseZHYAlnwKyX8jc88WoXu7y04ZSJ6fqpdyDBmNocQQ1HlIi096SCMPaeyhx4%2FLtNGJfL8VhVGt1q4zxmo1xhrtJm%2FwWr0d%2BUhZQW%2BIJB6CqSGY3UZst7EhPz9qXIZNf4Jbz%2BG4B5dMiLe6jT7PkQmCzBFklCCTBFlCkPXzPa5c1eUPuXJpGExrdVpr%2Bcgk3R26Z5Ku0GQnPiGXCmu8S39uY0Mcl5vNpgj9FhdtVq36YcdvBi3aoH7IG%2B1ap8rgZA7pzp2q3ZIT8uqDjxHLCXl%2B1SGkB3DqAEyeB00D0GzUqvqg66N628eW%2FsEld8y6djRRVCe0YmwX3OSIkxKSTW9HnZCXTw%2F1Wuk2BDu8%2BsuFd%2BLR0wtgNkdsc9yRPxN01b3RDZOR3Rsmc%2BTxcpzIntyixRFvJjQR57%2F5UGxmxvKF62749busAIr20S3hkkWqudRdR769JjkXdt5YJsiPC25NhCupW7%2BWWp3GiyvvzS%2F0Yiuck0aPQeXR8j9gckJKr794%2Bjwv%2FvoXpB3Dpjl66SGZBqQ5AIu34eIZe2cIrJrthHEJWZqPbDWc%2FVSSQInZTMMc7j9zOOt33D10bQk0uQvdy9G3OfoqB1VDuPTCKInt4dUnD4r4CqEqjUJlS7uhsuqLCXnl93rh72qRPjlz2snjsmhEfiT8qgijThi1qM87Ub0T0k4gWmGDBkjchN3%2F8uK%2FAAAA%2F%2F8BAAD%2F%2F8re6rKFBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTsaD8ZJEL150EAQFme2e%2FzFIMMaVxXV%2F8sPqsbqqerayNVVNVff07J4WA5LjCAqJp943u1nUIMa7ILOChEVx5xL24B49ehGCR%2BndgdEP%2Bvvp9x3ee199tpOeEB8pPV75yGxJpehco%2BKX31iTmpvMlZdulQO%2F4l8pr0ndrF8pD4pk%2B28HfqPiv1n%2BQLANM1f1A98P%2FKA8L62IzGDuFIWMH3WCSsev1KuVoFHHwP5%2FdqkHRz3w%2Fgm5DMknz60%2FeQzJxtC9768Lt5GY%2BK33e6miibHo8%2F3bekObTKM3ayPrIdL7020YNyHk%2FjkYvT9VANPfLRQglBPiPQ0Q6v0pTYT9vTOmoYLQCPkLyPpjCDWGpGMwcxeSHxGAcSwtQ%2FceLhmb0c0zlBbohJSe%2FQ2ZTUjpj5ege99dU3JQvmlUmkijHQZRDjkYQ3bHiNMDJFseZHYAlnwKyX8jc88WoXu7y04ZSJ6fqpdyDBmNocQQ1HlIi096SCMPaeyhx4%2FLtNGJfL8VhVGt1q4zxmo1xhrtJm%2FwWr0d%2BUhZQW%2BIJB6CqSGY3UZst7EhPz9qXIZNf4Jbz%2BG4B5dMiLe6jT7PkQmCzBFklCCTBFlCkPXzPa5c1eUPuXJpGExrdVpr%2Bcgk3R26Z5Ku0GQnPiGXCmu8S39uY0Mcl5vNpgj9FhdtVq36YcdvBi3aoH7IG%2B1ap8rgZA7pzp2q3ZIT8uqDjxHLCXl%2B1SGkB3DqAEyeB00D0GzUqvqg66N628eW%2FsEld8y6djRRVCe0YmwX3OSIkxKSTW9HnZCXTw%2F1Wuk2BDu8%2BsuFd%2BLR0wtgNkdsc9yRPxN01b3RDZOR3Rsmc%2BTxcpzIntyixRFvJjQR57%2F5UGxmxvKF62749busAIr20S3hkkWqudRdR769JjkXdt5YJsiPC25NhCupW7%2BWWp3GiyvvzS%2F0Yiuck0aPQeXR8j9gckJKr794%2Bjwv%2FvoXpB3Dpjl66SGZBqQ5AIu34eIZe2cIrJrthHEJWZqPbDWc%2FVSSQInZTMMc7j9zOOt33D10bQk0uQvdy9G3OfoqB1VDuPTCKInt4dUnD4r4CqEqjUJlS7uhsuqLCXnl93rh72qRPjlz2snjsmhEfiT8qgijThi1qM87Ub0T0k4gWmGDBkjchN3%2F8uK%2FAAAA%2F%2F8BAAD%2F%2F8re6rKFBAAA HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: u_pl=17950336; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec666eb07de8c220b90617a5a0bd58392c=[2019380,2229329,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fe51d4daebd2aca8ec697a6fdcd3899
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 24f17490ee5696a9002967e9e53200f4
6aa0b8742785a4eeed32c76362ae1aafb716e3b0
073ca337d67af4b7523e89d73e7126c18ad35496b7a2a1104314060711c3e6b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "073CA337D67AF4B7523E89D73E7126C18AD35496B7A2A1104314060711C3E6B1"
Last-Modified: Mon, 12 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7949
Expires: Tue, 13 Dec 2022 17:19:27 GMT
Date: Tue, 13 Dec 2022 15:06:58 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 502384
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 502382
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
temperrunnersdale.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3o2ICAtZBFEQ%2B6igk%2B75kcm4BzGukWBMsj8kXqu7qie1qa5qqqqnJzkFF2SPswdhvXW%2BSTaoi7jeRZl4WQJCxoPk4IDgHyCIi0eZyciwD7rf%2B95XBd%2F3Xn1%2BkI9IgJyeb36s94SUdKFRCfw3toRiurD%2B%2Bm0%2FDCrBNX9LqMX6Nb87%2FpnOO2HQqARv%2Bh%2FyeEcvVIMwCMIg9FeE4YnuLkxYiOxRK6y0gkq9WgkbdXTNs9jmHiz1wDojchWCDZ%2FbfvIYIh5Apd9d53bH6eytD9JcUqcNOuz4E7WjdKGQzsrEeEjU8fQ0tB0S8uAStDqeOoDuHI4dIBJD4v0WIlLHU5mIOkcXSiMJrhCxF1F0BuByAEEHiPVdCHZGgJhhfQMqfbiuTUF3L1g6Zodk7unfEMWQzP3%2BElT67bIUXf%2BWlrkTWll0kxKiO4BoD5DlJ3B7HkRxgth9BsF%2BIQtP16DSww0rNQQrJ%2B6FGEAkA0jeA7Ue8vEnPOSJhzzzkLJznzZaSRA0kyip1ZbqcRzXanHcWFpkDVarLyUB8ngsrweX9RDLHmKzj8zsY0fcP2tchcl%2Fgt0uYZkH64bEu7GPDitRcILCEhSUoBAEhSMoOuURk7Zqy4dM2jwKp7k6zbWyr137gB5p1%2BaKHGQjMj8ejTf%2F5x%2FY4ed%2Bs7aY1KstSkMe0XrAIxrSxSSphotJUGW1JqwoIeylids9MSSvf%2FkpMjEkL9ywiOgJrDxBLC6D5q%2BBFv1mNQDd7teXAuyp7627o7eVpU5S5WhFmzaYLpG5Obhd70COyCuTRVX%2BfRs8PiXTQGxKZKbEHfEzQVve69%2FUBTm8qQtLHm9kTqRij46XeMtRx72vP%2BK7hTZs9brtffVePCbG5aPb3Lo1qphQbUu%2BWRaMcbOiTczJD6t2i0ebud1ezo3Ks7XN91dW08xwa4VWA1BxduUKYjEkzz%2F5Z%2FI8Xx69CmEGMHmJNJ8pFfoEcbYPm816VhMYOcNR5qHIy76pRrOmFASSzzCNSlh%2B%2BuNf%2F1%2Ba1Qf2HtrGA3V3odISHVOiI0tQ2YPNL%2FddZk7f%2FbU2CUTS60fSeIeRNPL%2BxWitOPd5IwkSHlR5lLSipEkD1krqrYi2Qt6MGjSEs8P4wRfz%2FwEAAP%2F%2FAQAA%2F%2F8KfGMMdgQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 temperrunnersdale.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3o2ICAtZBFEQ%2B6igk%2B75kcm4BzGukWBMsj8kXqu7qie1qa5qqqqnJzkFF2SPswdhvXW%2BSTaoi7jeRZl4WQJCxoPk4IDgHyCIi0eZyciwD7rf%2B95XBd%2F3Xn1%2BkI9IgJyeb36s94SUdKFRCfw3toRiurD%2B%2Bm0%2FDCrBNX9LqMX6Nb87%2FpnOO2HQqARv%2Bh%2FyeEcvVIMwCMIg9FeE4YnuLkxYiOxRK6y0gkq9WgkbdXTNs9jmHiz1wDojchWCDZ%2FbfvIYIh5Apd9d53bH6eytD9JcUqcNOuz4E7WjdKGQzsrEeEjU8fQ0tB0S8uAStDqeOoDuHI4dIBJD4v0WIlLHU5mIOkcXSiMJrhCxF1F0BuByAEEHiPVdCHZGgJhhfQMqfbiuTUF3L1g6Zodk7unfEMWQzP3%2BElT67bIUXf%2BWlrkTWll0kxKiO4BoD5DlJ3B7HkRxgth9BsF%2BIQtP16DSww0rNQQrJ%2B6FGEAkA0jeA7Ue8vEnPOSJhzzzkLJznzZaSRA0kyip1ZbqcRzXanHcWFpkDVarLyUB8ngsrweX9RDLHmKzj8zsY0fcP2tchcl%2Fgt0uYZkH64bEu7GPDitRcILCEhSUoBAEhSMoOuURk7Zqy4dM2jwKp7k6zbWyr137gB5p1%2BaKHGQjMj8ejTf%2F5x%2FY4ed%2Bs7aY1KstSkMe0XrAIxrSxSSphotJUGW1JqwoIeylids9MSSvf%2FkpMjEkL9ywiOgJrDxBLC6D5q%2BBFv1mNQDd7teXAuyp7627o7eVpU5S5WhFmzaYLpG5Obhd70COyCuTRVX%2BfRs8PiXTQGxKZKbEHfEzQVve69%2FUBTm8qQtLHm9kTqRij46XeMtRx72vP%2BK7hTZs9brtffVePCbG5aPb3Lo1qphQbUu%2BWRaMcbOiTczJD6t2i0ebud1ezo3Ks7XN91dW08xwa4VWA1BxduUKYjEkzz%2F5Z%2FI8Xx69CmEGMHmJNJ8pFfoEcbYPm816VhMYOcNR5qHIy76pRrOmFASSzzCNSlh%2B%2BuNf%2F1%2Ba1Qf2HtrGA3V3odISHVOiI0tQ2YPNL%2FddZk7f%2FbU2CUTS60fSeIeRNPL%2BxWitOPd5IwkSHlR5lLSipEkD1krqrYi2Qt6MGjSEs8P4wRfz%2FwEAAP%2F%2FAQAA%2F%2F8KfGMMdgQAAA%3D%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3o2ICAtZBFEQ%2B6igk%2B75kcm4BzGukWBMsj8kXqu7qie1qa5qqqqnJzkFF2SPswdhvXW%2BSTaoi7jeRZl4WQJCxoPk4IDgHyCIi0eZyciwD7rf%2B95XBd%2F3Xn1%2BkI9IgJyeb36s94SUdKFRCfw3toRiurD%2B%2Bm0%2FDCrBNX9LqMX6Nb87%2FpnOO2HQqARv%2Bh%2FyeEcvVIMwCMIg9FeE4YnuLkxYiOxRK6y0gkq9WgkbdXTNs9jmHiz1wDojchWCDZ%2FbfvIYIh5Apd9d53bH6eytD9JcUqcNOuz4E7WjdKGQzsrEeEjU8fQ0tB0S8uAStDqeOoDuHI4dIBJD4v0WIlLHU5mIOkcXSiMJrhCxF1F0BuByAEEHiPVdCHZGgJhhfQMqfbiuTUF3L1g6Zodk7unfEMWQzP3%2BElT67bIUXf%2BWlrkTWll0kxKiO4BoD5DlJ3B7HkRxgth9BsF%2BIQtP16DSww0rNQQrJ%2B6FGEAkA0jeA7Ue8vEnPOSJhzzzkLJznzZaSRA0kyip1ZbqcRzXanHcWFpkDVarLyUB8ngsrweX9RDLHmKzj8zsY0fcP2tchcl%2Fgt0uYZkH64bEu7GPDitRcILCEhSUoBAEhSMoOuURk7Zqy4dM2jwKp7k6zbWyr137gB5p1%2BaKHGQjMj8ejTf%2F5x%2FY4ed%2Bs7aY1KstSkMe0XrAIxrSxSSphotJUGW1JqwoIeylids9MSSvf%2FkpMjEkL9ywiOgJrDxBLC6D5q%2BBFv1mNQDd7teXAuyp7627o7eVpU5S5WhFmzaYLpG5Obhd70COyCuTRVX%2BfRs8PiXTQGxKZKbEHfEzQVve69%2FUBTm8qQtLHm9kTqRij46XeMtRx72vP%2BK7hTZs9brtffVePCbG5aPb3Lo1qphQbUu%2BWRaMcbOiTczJD6t2i0ebud1ezo3Ks7XN91dW08xwa4VWA1BxduUKYjEkzz%2F5Z%2FI8Xx69CmEGMHmJNJ8pFfoEcbYPm816VhMYOcNR5qHIy76pRrOmFASSzzCNSlh%2B%2BuNf%2F1%2Ba1Qf2HtrGA3V3odISHVOiI0tQ2YPNL%2FddZk7f%2FbU2CUTS60fSeIeRNPL%2BxWitOPd5IwkSHlR5lLSipEkD1krqrYi2Qt6MGjSEs8P4wRfz%2FwEAAP%2F%2FAQAA%2F%2F8KfGMMdgQAAA%3D%3D HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: u_pl=17949921; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec736f429aa1eba40eba1a6ff216f02d37=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c42d86ffcf046d8f88388e5cff97238e
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=7f451870-86de-4222-8b43-8e3bf4543426&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=736f429aa1eba40eba1a6ff216f02d37&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=7f451870-86de-4222-8b43-8e3bf4543426&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=736f429aa1eba40eba1a6ff216f02d37&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=7f451870-86de-4222-8b43-8e3bf4543426&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=736f429aa1eba40eba1a6ff216f02d37&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ecf77df7b2b3f3266c4d021577a847a5
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 13 Dec 2022 15:06:58 GMT
Date: Tue, 13 Dec 2022 15:06:58 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash aa84e06995042e1322075032a2fc727e
69cea844074957e83574ba3ae81a22c14bb0b15c
155e80cfb87e5cb8149276ab3a0fb53e217024f46878dcd3711f1def03d068c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "155E80CFB87E5CB8149276AB3A0FB53E217024F46878DCD3711F1DEF03D068C2"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11563
Expires: Tue, 13 Dec 2022 18:19:41 GMT
Date: Tue, 13 Dec 2022 15:06:58 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash aa84e06995042e1322075032a2fc727e
69cea844074957e83574ba3ae81a22c14bb0b15c
155e80cfb87e5cb8149276ab3a0fb53e217024f46878dcd3711f1def03d068c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "155E80CFB87E5CB8149276AB3A0FB53E217024F46878DCD3711F1DEF03D068C2"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11563
Expires: Tue, 13 Dec 2022 18:19:41 GMT
Date: Tue, 13 Dec 2022 15:06:58 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash aa84e06995042e1322075032a2fc727e
69cea844074957e83574ba3ae81a22c14bb0b15c
155e80cfb87e5cb8149276ab3a0fb53e217024f46878dcd3711f1def03d068c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "155E80CFB87E5CB8149276AB3A0FB53E217024F46878DCD3711F1DEF03D068C2"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11563
Expires: Tue, 13 Dec 2022 18:19:41 GMT
Date: Tue, 13 Dec 2022 15:06:58 GMT
Connection: keep-alive
temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=109
200 OK 0 B URL HTTP/1.1 temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=109
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=109 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
200 OK 65 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3\012- data
Hash 61f7b1fa1698507638df7882e2bdfcaf
89134af9a734f4c30d0db01ea36c86895e46b7e3
bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:58 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: "6114ef76-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2423754
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F9haQfuBUBY00UHxffaAqfEdJKMDIMMfMHPvMHBEQ6F14WMbjeYiJ4%2BpoRN1Pufs0GS2q5loAGoYPAjfJlYYdgQxlzJD54jWiwtIvL2x4EUyElHaGsx2rm3tdKHPyZhR8uDpTqU48jg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778f9b52ae80891e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash aa84e06995042e1322075032a2fc727e
69cea844074957e83574ba3ae81a22c14bb0b15c
155e80cfb87e5cb8149276ab3a0fb53e217024f46878dcd3711f1def03d068c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "155E80CFB87E5CB8149276AB3A0FB53E217024F46878DCD3711F1DEF03D068C2"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11563
Expires: Tue, 13 Dec 2022 18:19:41 GMT
Date: Tue, 13 Dec 2022 15:06:58 GMT
Connection: keep-alive
temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=426
200 OK 0 B URL HTTP/1.1 temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=426
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=426 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 21:13:27 GMT
Expires: Thu, 07 Dec 2023 21:13:27 GMT
Cache-Control: public, max-age=31536000
Age: 496411
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 21:12:42 GMT
Expires: Thu, 07 Dec 2023 21:12:42 GMT
Cache-Control: public, max-age=31536000
Age: 496456
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
temperrunnersdale.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3o2ICAtZBFEQ56igk%2B75kZlxD2JcI8GYZH9IvFZXVU9qU1PVVFVPT3IKLsgeZw%2FCeut8k2xQF3G9izLxsgSEjAfJwYDgHyCIi0eZyciwD7rf%2B95XBd%2F3Xn2%2Bn52TEBk92%2FjY7Eql6EK9HJbe2JSam9yV1m6XorAcXittSr1Yu1bqjX%2B2%2B04U1svhm6UPBds2C5UwCsMojErL0orE9BYmLGT6qBWVW2G5VilH9Rp69lnssgCOBuDdc3IVko%2Be23ryGJINoTvfXRdu25v0rQ86maLeWHT50Sd6W5tcozMrExsg0UfT0zBuRMiDSzD6aOoApnswdoBYjkjwW4RYH01lIu4eXiiNFYRGzF9E3h1CqCEkHYKZu5D8lACMY20duvNwzdic7lywdMyOyNzTvyHzEZn7%2FSXozrdLSvZKt4zKvDTaoZcUkL0hZHuINDuG3w0g82Mw%2Fxkk%2F4UsPF2F7hysO2UgeTFxL%2BUQMhlCiT6oC5CNPxkgSwJkaYAOPyvReisJw0YSJ9Vqs8YYq1YZqzcXeZ1Xa80kRMbG8vrwaR9M9cHsHlK7h215%2F7R%2BFTb7CW6rgOMBnB%2BR4MYeurxALghyR5BTglwS5J4g7xaHXLmKKx5y5bI4mubKNFeLgfHtfXpofFtosp%2Bek%2FnxaIL5P%2F%2FAtjgrNaqLSa3SojQSMa2FIqYRXUySSrSYhBVebcDJAtJdmrjdlSPy%2BpefIpUj8sINh5gew6ljMHkZNHsNNB80KiHo1qDWDLGrv3f%2BjtnSjnpFtadlY9vgpkDq5%2BB3gn11Tl6ZLKr879sQ7IRMA8wWSG2BO%2FJngra6N7hpcnJw0%2BSOPF5PvezIXTpe4i1PvQi%2B%2Fkjs5Mbyleuu%2F9V7bEyMy0e3hfOrVHOp2458syQ5F3bZWCbIDytuU8QbmdtayqzO0tWN95dXOqkVzkmjh6Dy9MoVMDkizz%2F5Z%2FI8Xz5%2FFdIOYbMCnWymVJpjsHQPLp31nCGwaobjNECeFQNbiWdNJQmUmGEaF3Di5Me%2F%2Fr80q%2FfdPbRtAOrvQncKdG2BripAVR8uuzzwqT1599fqJBCrYBArGxzEyqr7F6N18qxUj2qiGTcbjPNYMB41KtVmNQwrnNcaLRG14N2IPfhi%2Fj8AAAD%2F%2FwEAAP%2F%2FHnTt6nYEAAA%3D
200 OK 7 B URL HTTP/1.1 temperrunnersdale.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3o2ICAtZBFEQ56igk%2B75kZlxD2JcI8GYZH9IvFZXVU9qU1PVVFVPT3IKLsgeZw%2FCeut8k2xQF3G9izLxsgSEjAfJwYDgHyCIi0eZyciwD7rf%2B95XBd%2F3Xn2%2Bn52TEBk92%2FjY7Eql6EK9HJbe2JSam9yV1m6XorAcXittSr1Yu1bqjX%2B2%2B04U1svhm6UPBds2C5UwCsMojErL0orE9BYmLGT6qBWVW2G5VilH9Rp69lnssgCOBuDdc3IVko%2Be23ryGJINoTvfXRdu25v0rQ86maLeWHT50Sd6W5tcozMrExsg0UfT0zBuRMiDSzD6aOoApnswdoBYjkjwW4RYH01lIu4eXiiNFYRGzF9E3h1CqCEkHYKZu5D8lACMY20duvNwzdic7lywdMyOyNzTvyHzEZn7%2FSXozrdLSvZKt4zKvDTaoZcUkL0hZHuINDuG3w0g82Mw%2Fxkk%2F4UsPF2F7hysO2UgeTFxL%2BUQMhlCiT6oC5CNPxkgSwJkaYAOPyvReisJw0YSJ9Vqs8YYq1YZqzcXeZ1Xa80kRMbG8vrwaR9M9cHsHlK7h215%2F7R%2BFTb7CW6rgOMBnB%2BR4MYeurxALghyR5BTglwS5J4g7xaHXLmKKx5y5bI4mubKNFeLgfHtfXpofFtosp%2Bek%2FnxaIL5P%2F%2FAtjgrNaqLSa3SojQSMa2FIqYRXUySSrSYhBVebcDJAtJdmrjdlSPy%2BpefIpUj8sINh5gew6ljMHkZNHsNNB80KiHo1qDWDLGrv3f%2BjtnSjnpFtadlY9vgpkDq5%2BB3gn11Tl6ZLKr879sQ7IRMA8wWSG2BO%2FJngra6N7hpcnJw0%2BSOPF5PvezIXTpe4i1PvQi%2B%2Fkjs5Mbyleuu%2F9V7bEyMy0e3hfOrVHOp2458syQ5F3bZWCbIDytuU8QbmdtayqzO0tWN95dXOqkVzkmjh6Dy9MoVMDkizz%2F5Z%2FI8Xz5%2FFdIOYbMCnWymVJpjsHQPLp31nCGwaobjNECeFQNbiWdNJQmUmGEaF3Di5Me%2F%2Fr80q%2FfdPbRtAOrvQncKdG2BripAVR8uuzzwqT1599fqJBCrYBArGxzEyqr7F6N18qxUj2qiGTcbjPNYMB41KtVmNQwrnNcaLRG14N2IPfhi%2Fj8AAAD%2F%2FwEAAP%2F%2FHnTt6nYEAAA%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3o2ICAtZBFEQ56igk%2B75kZlxD2JcI8GYZH9IvFZXVU9qU1PVVFVPT3IKLsgeZw%2FCeut8k2xQF3G9izLxsgSEjAfJwYDgHyCIi0eZyciwD7rf%2B95XBd%2F3Xn2%2Bn52TEBk92%2FjY7Eql6EK9HJbe2JSam9yV1m6XorAcXittSr1Yu1bqjX%2B2%2B04U1svhm6UPBds2C5UwCsMojErL0orE9BYmLGT6qBWVW2G5VilH9Rp69lnssgCOBuDdc3IVko%2Be23ryGJINoTvfXRdu25v0rQ86maLeWHT50Sd6W5tcozMrExsg0UfT0zBuRMiDSzD6aOoApnswdoBYjkjwW4RYH01lIu4eXiiNFYRGzF9E3h1CqCEkHYKZu5D8lACMY20duvNwzdic7lywdMyOyNzTvyHzEZn7%2FSXozrdLSvZKt4zKvDTaoZcUkL0hZHuINDuG3w0g82Mw%2Fxkk%2F4UsPF2F7hysO2UgeTFxL%2BUQMhlCiT6oC5CNPxkgSwJkaYAOPyvReisJw0YSJ9Vqs8YYq1YZqzcXeZ1Xa80kRMbG8vrwaR9M9cHsHlK7h215%2F7R%2BFTb7CW6rgOMBnB%2BR4MYeurxALghyR5BTglwS5J4g7xaHXLmKKx5y5bI4mubKNFeLgfHtfXpofFtosp%2Bek%2FnxaIL5P%2F%2FAtjgrNaqLSa3SojQSMa2FIqYRXUySSrSYhBVebcDJAtJdmrjdlSPy%2BpefIpUj8sINh5gew6ljMHkZNHsNNB80KiHo1qDWDLGrv3f%2BjtnSjnpFtadlY9vgpkDq5%2BB3gn11Tl6ZLKr879sQ7IRMA8wWSG2BO%2FJngra6N7hpcnJw0%2BSOPF5PvezIXTpe4i1PvQi%2B%2Fkjs5Mbyleuu%2F9V7bEyMy0e3hfOrVHOp2458syQ5F3bZWCbIDytuU8QbmdtayqzO0tWN95dXOqkVzkmjh6Dy9MoVMDkizz%2F5Z%2FI8Xz5%2FFdIOYbMCnWymVJpjsHQPLp31nCGwaobjNECeFQNbiWdNJQmUmGEaF3Di5Me%2F%2Fr80q%2FfdPbRtAOrvQncKdG2BripAVR8uuzzwqT1599fqJBCrYBArGxzEyqr7F6N18qxUj2qiGTcbjPNYMB41KtVmNQwrnNcaLRG14N2IPfhi%2Fj8AAAD%2F%2FwEAAP%2F%2FHnTt6nYEAAA%3D HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: u_pl=17949921; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec736f429aa1eba40eba1a6ff216f02d37=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6923e2ad76d14f71b8d996fbe78558a
Strict-Transport-Security: max-age=0; includeSubdomains
temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=79245&fd=441
200 OK 0 B URL HTTP/1.1 temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=79245&fd=441
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=79245&fd=441 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3688&fd=462
200 OK 0 B URL HTTP/1.1 temperrunnersdale.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3688&fd=462
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3688&fd=462 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
temperrunnersdale.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 temperrunnersdale.com/pixel/sbs?c=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Cookie: u_pl=17949921; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec736f429aa1eba40eba1a6ff216f02d37=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 13 Dec 2022 15:06:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:58 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:52 GMT
etag: W/"6114ef74-e68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x59dxgCKQ%2BQF7IQn5VNnCEKxOyi1SzPBhW8T3gEgU5QzzFGW1x2BmPz%2FJf2nVlNgDo%2F8ZRg%2BHYdeF7oilq04nzh2PfkjPSY2TSmvt%2FAMPwke%2B8ht7huoi860aEtmvaUBJvBIUJ9bC40A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778f9b528c9172eb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:58 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 12 Aug 2021 09:54:31 GMT
etag: W/"6114efd7-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 13 Dec 2022 16:06:58 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:58 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: W/"6114ef76-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqk10RJymfgSjJViT4Pp%2BlQ2ZWpDAVh9qE%2B5YThs%2F4rExwKfOZfuZ3evqbXhWd5f5%2B5TnX3%2FTtourII2QzQDMFPdJgXhu8oZLYHdQhA4rtAI6EF%2F9BocBY%2BMJAzFgaA7aqGL22WgpzFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778f9b529c9f72eb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.stjohnsatlanta.org
Connection: keep-alive
Referer: http://www.stjohnsatlanta.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 15:06:58 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:53 GMT
etag: W/"6114ef75-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ii6581XlMizuuWPV0yHDrU78Ludd70JZluu3WaSrs5E2vJmstptud5V0u5b3KrJdOfBu9jtV4%2FbEqRocJi%2FHYeU9HaPEEh%2FlyUfNg47nmU3665Of9aHr2t6hA1pbDDuCxUTElyTN9pP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778f9b529c9e72eb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
200 OK 0 B URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
IP
GET /maps-api-v3/embed/js/51/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69327
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:12:31 GMT
expires: Thu, 07 Dec 2023 20:12:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
content-type: text/javascript
age: 500065
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
199.34.228.59
104.18.21.226
3.71.139.39
151.101.86.109
93.184.220.29
95.101.11.115