Overview

URL balancingthecrazy.com/
IP 162.241.216.224
ASN OIS1
Location United States
Report completed 2022-09-12 10:46:32 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-12 2 balancingthecrazy.com/ Phishing
2022-09-12 2 balancingthecrazy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 Phishing
2022-09-12 2 balancingthecrazy.com/wp-content/themes/savona/assets/css/fontello.css?ver=6.0.2 Phishing
2022-09-12 2 balancingthecrazy.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?v (...) Phishing
2022-09-12 2 balancingthecrazy.com/wp-content/themes/savona/assets/css/slick.css?ver=6.0.2 Phishing
2022-09-12 2 balancingthecrazy.com/wp-content/themes/savona/assets/css/perfect-scrollbar (...) Phishing
2022-09-12 2 balancingthecrazy.com/wp-content/themes/savona/assets/css/responsive.css?ve (...) Phishing
2022-09-12 2 balancingthecrazy.com/wp-content/themes/savona/assets/css/woocommerce.css?v (...) Phishing
2022-09-12 2 balancingthecrazy.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.1 Phishing
2022-09-12 2 balancingthecrazy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Phishing
2022-09-12 2 balancingthecrazy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Phishing
2022-09-12 2 balancingthecrazy.com/wp-content/themes/savona/assets/fonts/fontawesome-web (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-12 05:54:37 UTC 142.250.74.10
mnemonic passive DNS 2.gravatar.com (1) 8108 2013-06-12 08:26:20 UTC 2022-09-12 05:36:13 UTC 192.0.73.2
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-12 05:38:13 UTC 143.204.55.35
mnemonic passive DNS i0.wp.com (2) 3021 2013-09-17 06:14:42 UTC 2022-09-12 05:52:01 UTC 192.0.77.2
mnemonic passive DNS 0.gravatar.com (1) 6977 2012-05-21 07:08:47 UTC 2022-09-12 04:05:39 UTC 192.0.73.2
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-12 06:04:57 UTC 34.212.13.96
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-12 04:05:50 UTC 34.120.237.76
mnemonic passive DNS stats.wp.com (1) 2711 2017-01-30 05:06:59 UTC 2022-09-12 05:05:44 UTC 192.0.76.3
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-12 04:51:47 UTC 95.101.11.115
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-12 05:23:45 UTC 143.204.55.35
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-12 04:51:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS balancingthecrazy.com (19) 0 2019-05-28 13:29:48 UTC 2022-09-10 15:43:28 UTC 162.241.216.224 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-12 04:53:23 UTC 34.117.237.239
mnemonic passive DNS s.w.org (3) 748 2017-01-30 04:56:16 UTC 2022-09-12 04:50:10 UTC 192.0.77.48
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-12 05:49:40 UTC 93.184.220.29
mnemonic passive DNS pixel.wp.com (1) 2545 2017-01-30 05:31:40 UTC 2022-09-12 05:05:45 UTC 192.0.76.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 162.241.216.224

Date UQ / IDS / BL URL IP
2022-11-18 10:15:30 +0000
0 - 0 - 17 balancingthecrazy.com/2022/07/19/the-great-to (...) 162.241.216.224
2022-09-12 10:46:32 +0000
0 - 0 - 12 balancingthecrazy.com/ 162.241.216.224

Last 5 reports on ASN: OIS1

Date UQ / IDS / BL URL IP
2022-12-01 11:45:24 +0000
0 - 0 - 2 georgestoychest.com/wp-includes/js/tinymce/pl (...) 162.241.216.164
2022-11-30 01:45:33 +0000
0 - 0 - 1 dheerajkumar.net/wp-admin/js/refresheddoccssi (...) 162.241.216.233
2022-11-29 23:55:25 +0000
0 - 0 - 2 www.thedockage.com/lift-type/floating-drydock/ 162.241.216.50
2022-11-29 17:13:04 +0000
0 - 0 - 1 fobmasters.com/pics/veve.exe 162.241.217.45
2022-11-29 15:17:18 +0000
0 - 0 - 2 autodiscover.capasjm.com/ 108.179.193.139

Last 2 reports on domain: balancingthecrazy.com

Date UQ / IDS / BL URL IP
2022-11-18 10:15:30 +0000
0 - 0 - 17 balancingthecrazy.com/2022/07/19/the-great-to (...) 162.241.216.224
2022-09-12 10:46:32 +0000
0 - 0 - 12 balancingthecrazy.com/ 162.241.216.224

No other reports with similar screenshot



JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (51)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14974
Expires: Mon, 12 Sep 2022 14:55:55 GMT
Date: Mon, 12 Sep 2022 10:46:21 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 10:08:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9SQ0bOIcll8gbvD2sr8FYJ7MGlFxdV7R5qlOnwuM0VGUoFOi_YM6xw==
Age: 2291


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vUrIxerepDIt2oBlh1hSdL6_K0lgQlAySApcU0Okl22_E9F1Fij7Ng==
age: 12550
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET / HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 12 Sep 2022 10:46:21 GMT
Server: nginx/1.21.6
Link: <https://balancingthecrazy.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/a77G8>; rel=shortlink
Cache-Control: max-age=300
Expires: Mon, 12 Sep 2022 10:51:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-Server-Cache: true
X-Proxy-Cache: HIT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17893), with CRLF, LF line terminators
Size:   25189
Md5:    c2ad46e2f429c7f19c8e5b1d87b1108e
Sha1:   a33c5e580456dbd08c13b690641b884cfd73d33a
Sha256: 8decfd4f9f7217c2d3f3c9bafa070fb3427692b77d92317af271436b3d3e2ed1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 12 Sep 2022 10:46:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /css?family=Playfair+Display%3A400%2C700&ver=1.0.0 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 12 Sep 2022 10:46:22 GMT
Date: Mon, 12 Sep 2022 10:46:22 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   481
Md5:    6e16bd6b4feabbe7c23fcfb62e1b6a99
Sha1:   5bdebbaef7114f06802e4f71d80bf0feced3a73f
Sha256: ba17705de161a8f9baad24c76fb1d1e9b41a73b675f1ee9ba636dcaab09edab5
                                        
                                            GET /css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 12 Sep 2022 10:46:22 GMT
Date: Mon, 12 Sep 2022 10:46:22 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   881
Md5:    0baf00f83a90a68c201629480f861bbc
Sha1:   204f8831498fd96db335a4f5cc81ebb9664c675c
Sha256: 53a6d7a119ed8a5335c83a8a69bf21187c65af0f95b22708e7237bdd0272cef3
                                        
                                            GET /balancingthecrazy.com/wp-content/uploads/2018/07/cropped-B048D178-8F72-428A-A338-8D8AFEF87902-e1532460628998.jpeg?fit=250%2C154&ssl=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balancingthecrazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 12 Sep 2022 10:46:22 GMT
content-length: 4702
last-modified: Mon, 11 Jul 2022 06:50:48 GMT
expires: Wed, 10 Jul 2024 18:50:48 GMT
cache-control: public, max-age=63115200
link: <https://balancingthecrazy.com/wp-content/uploads/2018/07/cropped-B048D178-8F72-428A-A338-8D8AFEF87902-e1532460628998.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "1d0de916c0512a25"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   4702
Md5:    f9a55b22bc879d48188c2be985b83f8f
Sha1:   31525caa4e0bb33975495cba9dd897a6ec9ee963
Sha256: 21d0d1ca42a4aaa7adc5cc4d14251850ec5b58b6b3fd33dba6da8226311b4452
                                        
                                            GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Wed, 09 Dec 2020 06:46:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 3239


--- Additional Info ---
Magic:  ASCII text, with very long lines (11256), with no line terminators
Size:   3239
Md5:    1054d0d53548e8bae51665b11acc6413
Sha1:   2eea6a05fe18db61fff58c431d34a86b3e0b7ade
Sha256: cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 13 Jul 2022 03:47:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 16594


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   16594
Md5:    2a67a4888baa44de739f3fe56203ce07
Sha1:   da175eae57f26b655747d79f055477e3fee1abb9
Sha256: 3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/savona/assets/css/fontello.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 801


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   801
Md5:    3fcce85c25147b034d9b34ef0bb102c7
Sha1:   537ac2b5708750fd6694a4ab63ba03efca2a112f
Sha256: b25b8dc638fa4582ffa4617a3e77fab6ea2a69452162514f5c973b827976659a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 13 Nov 2019 05:07:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 1298


--- Additional Info ---
Magic:  ASCII text, with very long lines (4186), with no line terminators
Size:   1298
Md5:    91bab39b98d7e5c1632717b9ebe349e4
Sha1:   e639a447d06fc7827be5b5b35d603ff16b5f7bb1
Sha256: 47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/savona/assets/css/slick.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 464


--- Additional Info ---
Magic:  ASCII text
Size:   464
Md5:    fec0675d238ab63f20af3798679ee257
Sha1:   fecccd03ed91c3755f6c4ce1564682ad6065958b
Sha256: 6a3384ea7d5c54d405f6f63fe7ff8ccc550f2644670dd31a077653dbd0a18750

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/savona/assets/css/font-awesome.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 7524


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with very long lines (372)
Size:   7524
Md5:    40cb5611d434baba9e74af03cd5a36bf
Sha1:   a12a2f8dd664cd2e41ba0caf47215932c4c6be35
Sha256: 2bcb48fab4bccd6071099a9bded14540d169adf2f559d1b0fae496480c30998e
                                        
                                            GET /wp-content/themes/savona/assets/css/perfect-scrollbar.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 399


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   399
Md5:    626de1992de89bc6a753723ac232ec2f
Sha1:   d72ab26603b7bc512e424e4a6791098d0f1cf451
Sha256: fb52056de07749e6bcddb97b622780deabfe852a4058216724600b01190b6eff

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/savona/style.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 14704


--- Additional Info ---
Magic:  ASCII text, with very long lines (456), with CRLF line terminators
Size:   14704
Md5:    d21ee898218131cd64bcad14a9798a86
Sha1:   5c772f72f433a43e2779d3ddff732eb5710ff556
Sha256: 3d0fee6383c09283b9132055a744a1bc9c16fecb205ac42ae5a53ab5a7e29327
                                        
                                            GET /wp-content/themes/savona/assets/css/responsive.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 2401


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2401
Md5:    185a4fc3a77f807cec4b6f02d8bee19a
Sha1:   f8ec41c4b43571e80b277c789ba9aa8975ccb1ce
Sha256: d445f3f4bd2401d447dfc4f9e4767809dfadd9a1c5d186e2612c38b7790eff1a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/savona/assets/css/woocommerce.css?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 4357


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4357
Md5:    d25407d9f4ead531e17eec1f9d810abf
Sha1:   767779827dcccbd050aefda67d36f31d9a1a7895
Sha256: 280cd12f17dc44ced8ccca1171d51ea97bde4610130d50586d1da4b906e9acf6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.1 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Fri, 09 Sep 2022 15:47:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 12 Oct 2022 10:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   23535
Md5:    e962be8e78625364b9e496c1ad936bcd
Sha1:   1772184401a4faffb97f1bd8f51f9f809ca25932
Sha256: e5b407ef97d631244fe033ba1b4640d414562e57b7b614f68dcdaf7f2b91ec9f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 09:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 10:45:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I3lkUnN6cdkarjE9Z9SniOoMDd870NZioEjh2KyjZ2I6DlPQg-niCQ==
Age: 3015


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Wed, 09 Dec 2020 06:46:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 12 Sep 2022 16:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 4618


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4618
Md5:    acdb97105af28a7066790c6748ae2e1e
Sha1:   65794d2c5a9d04f747faf370bc8bacd330e69e5a
Sha256: dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 04:30:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 12 Sep 2022 16:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 5321


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5321
Md5:    710f8b142ea44c0682dc2c30f318f065
Sha1:   49144e9b3a76d3d383b1d4359cf7a25e947f4233
Sha256: 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 04:31:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 12 Sep 2022 16:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   39066
Md5:    feb933ceca72e1d76b471ed9db278b0d
Sha1:   6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
Sha256: 9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Fri, 09 Sep 2022 15:47:29 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 12 Sep 2022 16:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 369


--- Additional Info ---
Magic:  ASCII text, with very long lines (685), with no line terminators
Size:   369
Md5:    accd80b294f42169b1e447e68bacfffe
Sha1:   40847092d82d78897a8219b270b22838fcc0bb95
Sha256: 35e8294d38f054cd6fbcdef72076443685888546d93b41a596e981a5e9a61552
                                        
                                            GET /wp-content/themes/savona/assets/js/custom-scripts.js?ver=6.0.2 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 12 Sep 2022 16:46:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Length: 1666


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1666
Md5:    e1a12826fc6bdcdffd5121f5314f2377
Sha1:   bc76a536b38802d5bef18e1ce5a35e9ebbbb967a
Sha256: e5626f3264d76b1314db278be446c89c806a42962eff425d2bf9d51381e3b7c0
                                        
                                            GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://balancingthecrazy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35764
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Sep 2022 14:10:05 GMT
Expires: Wed, 06 Sep 2023 14:10:05 GMT
Cache-Control: public, max-age=31536000
Age: 506177
Last-Modified: Mon, 18 Jul 2022 19:06:36 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Size:   35764
Md5:    60f23230f1a8d5c3b7d25b73f5b5ce23
Sha1:   ed08ada85d017893b9bcb8224e99154c6708f5d2
Sha256: 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://balancingthecrazy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Sep 2022 21:39:25 GMT
Expires: Tue, 05 Sep 2023 21:39:25 GMT
Cache-Control: public, max-age=31536000
Age: 565617
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5370
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 10:46:22 GMT
Last-Modified: Mon, 12 Sep 2022 09:16:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://balancingthecrazy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 47952
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Sep 2022 01:03:32 GMT
Expires: Wed, 06 Sep 2023 01:03:32 GMT
Cache-Control: public, max-age=31536000
Age: 553370
Last-Modified: Mon, 15 Aug 2022 18:22:41 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size:   47952
Md5:    17b406b7b8caa297435fa358e194f5a1
Sha1:   e2132f0e97781af56fa966c0fabb49132f2af203
Sha256: 84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
                                        
                                            GET /balancingthecrazy.com/wp-content/uploads/2018/07/lemon-lip-lock.jpg?resize=300%2C238&ssl=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balancingthecrazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 12 Sep 2022 10:46:22 GMT
content-length: 1360
last-modified: Tue, 06 Sep 2022 11:24:50 GMT
expires: Thu, 05 Sep 2024 23:24:50 GMT
cache-control: public, max-age=63115200
link: <https://balancingthecrazy.com/wp-content/uploads/2018/07/lemon-lip-lock.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5383f8397048d0a8"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x238, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   1360
Md5:    3a6f6ad65e1ac2831570128be2ae5842
Sha1:   de6218a170b641252aa66feb10d868eed79b13b8
Sha256: 70a032fa88ab5c95e8dadc6faa027038b909c1a63f3d9b9addd0a4a074192f79
                                        
                                            GET /g.gif?v=ext&j=1%3A11.3.1&blog=149461176&post=0&tz=-4&srv=balancingthecrazy.com&host=balancingthecrazy.com&ref=&fcp=1154&rand=0.37939758922692124 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         192.0.76.3
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 12 Sep 2022 10:46:22 GMT
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            GET /avatar/8264efb61c1153f8489a969afa6c3632?s=30&d=mm&r=pg HTTP/1.1 
Host: 2.gravatar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         192.0.73.2
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 12 Sep 2022 10:46:23 GMT
Content-Length: 901
Connection: keep-alive
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Link: <https://www.gravatar.com/avatar/8264efb61c1153f8489a969afa6c3632?s=30&d=mm&r=pg>; rel="canonical"
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="8264efb61c1153f8489a969afa6c3632.png"
Expires: Mon, 12 Sep 2022 10:51:23 GMT
Cache-Control: max-age=300
X-nc: HIT arn 3
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 30x30, components 3\012- data
Size:   901
Md5:    de81104cbbda4c4dabe8f7ae293b344c
Sha1:   a75d71981e898d378cea86fb0e9e4c1298a48978
Sha256: 3a6685d05d6850ba09feb651bda0d7eb40da000349e1d89505e8f699f9ecc096
                                        
                                            GET /avatar/c3e8da1ca5432104287747249b67ef4f?s=30&d=mm&r=pg HTTP/1.1 
Host: 0.gravatar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         192.0.73.2
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 12 Sep 2022 10:46:23 GMT
Content-Length: 901
Connection: keep-alive
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Link: <https://www.gravatar.com/avatar/c3e8da1ca5432104287747249b67ef4f?s=30&d=mm&r=pg>; rel="canonical"
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="c3e8da1ca5432104287747249b67ef4f.png"
Expires: Mon, 12 Sep 2022 10:51:23 GMT
Cache-Control: max-age=300
X-nc: HIT arn 3
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 30x30, components 3\012- data
Size:   901
Md5:    de81104cbbda4c4dabe8f7ae293b344c
Sha1:   a75d71981e898d378cea86fb0e9e4c1298a48978
Sha256: 3a6685d05d6850ba09feb651bda0d7eb40da000349e1d89505e8f699f9ecc096
                                        
                                            GET /wp-content/themes/savona/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://balancingthecrazy.com/wp-content/themes/savona/assets/css/font-awesome.css?ver=6.0.2

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Mon, 12 Sep 2022 10:46:22 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:47:31 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=21600
Expires: Mon, 12 Sep 2022 16:46:22 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1mpzbn0X3oxtcBr7lbG0FA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.13.96
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mXI/Oc4nN1U0KUP2Fa+AF+gWRkI=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: balancingthecrazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balancingthecrazy.com/

                                         
                                         162.241.216.224
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 12 Sep 2022 10:46:23 GMT
Server: nginx/1.21.6
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://balancingthecrazy.com/wp-json/>; rel="https://api.w.org/"
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-Server-Cache: true
X-Proxy-Cache: MISS

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12842
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 10:46:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 25649
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6999
Md5:    b7ccc33ae0c85a906f2c17db281ec790
Sha1:   1904722d70348235d5472c54f888d2b4b991e2aa
Sha256: f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 74417
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13568
Md5:    8625e0707046e7a3715a8dbb40b1cae2
Sha1:   0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
Sha256: abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
age: 46244
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9815
Md5:    239262b6ab17cb19414c35cd4f761092
Sha1:   48eddcf9838e980e67cc8f9cbb05b475df2f0331
Sha256: cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 27036
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9466
Md5:    6174529fff57758e958da5432344962f
Sha1:   05ec2076b32398d60ee77fab8c14345bc7dfe647
Sha256: 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 47073
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8799
Md5:    c14088c4ca0d576e087feed41b7f1565
Sha1:   172b23f2ef39b6c3fdebb5441b10a95712206d0a
Sha256: 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5709
x-amzn-requestid: 747b7be7-356b-4a9e-9869-4b8f71e66f53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YMl6sHaoIAMF2lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631b5044-0c6b0f57046b79cf56ecbf39;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 14:40:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WbzMgteMd5CxXXK6sARu-n39xAWcZiYHgkR2TCg2aNbzEXcaxS-TZQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 23:26:14 GMT
age: 40810
etag: "5a359aed379e554c5c9885cc8f7a3bff7447d246"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5709
Md5:    63d953ea7dce676e8b1c6fcab9f8eab7
Sha1:   5a359aed379e554c5c9885cc8f7a3bff7447d246
Sha256: 428029d6b65a52758df9fd8cb284df83ca4685031126b0ab5b60764a3e2d1a27
                                        
GET /e-202237.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balancingthecrazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.0.76.3
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 12 Sep 2022 10:46:22 GMT
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Sep 2023 22:56:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /images/core/emoji/14.0.0/svg/2699.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balancingthecrazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 12 Sep 2022 10:46:22 GMT
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /images/core/emoji/14.0.0/svg/1f680.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balancingthecrazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 12 Sep 2022 10:46:22 GMT
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /images/core/emoji/14.0.0/svg/270c-1f3ff.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balancingthecrazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 12 Sep 2022 10:46:22 GMT
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---