r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16346
Expires: Sun, 13 Nov 2022 01:59:44 GMT
Date: Sat, 12 Nov 2022 21:27:18 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6447
Cache-Control: max-age=139884
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:18 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 12:18:42 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3445
Expires: Sat, 12 Nov 2022 22:24:43 GMT
Date: Sat, 12 Nov 2022 21:27:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 20:44:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2583
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: v/qrMPkaEsNqX5baoY3Wq1Mo2n7ovXUoyEt1RXsIteXIMOxb1ApEv5fzZCQnG05icQtvpxGvzHM=
x-amz-request-id: 17PTNYMAF625R1Z0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 21:13:08 GMT
age: 850
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 21:27:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/
301 Moved Permanently 434 B URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 29372b095236511e3bda043ea288688d
a3db1d7394b13c09230e14ff940a46aeca8595f0
c47a08860a4032fabbbe3edb67506286db776eb442882833671d3995b2d64e86
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 21:27:18 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.filipinoprivatedutynurseonline.com
Vary: X-W-SSL,User-Agent
Location: https://www.filipinoprivatedutynurseonline.com/
X-Host: blu45.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 434
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 21:25:00 GMT
cache-control: public,max-age=3600
age: 139
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6084
Cache-Control: max-age=134457
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:48:16 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5969fa9a4584e78a08c5e64565786d27
1047a658d3489a7f1d8afa32861a02b9ef2f3745
3fa5aad096d9314987fe35e2f3ae43e38c6d0757d44d7d317c0ee0c8d0c4f103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FA5AAD096D9314987FE35E2F3AE43E38C6D0757D44D7D317C0EE0C8D0C4F103"
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 13 Nov 2022 03:27:19 GMT
Date: Sat, 12 Nov 2022 21:27:19 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oBzNYl8kNEcvLSazxnyFcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gqvp4AGFFiJynmFzJUVEuzqW3h4=
www.filipinoprivatedutynurseonline.com/
200 OK 24 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42182)
Hash a9434d6f47801e936ffa0e2953816770
f0bf283e4830320a532013382005e1c9115218b9
77996c18482fd0a1a107b5ed321ba4d30aca960d26794366b7d5945f26a3e788
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 21:27:19 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.filipinoprivatedutynurseonline.com
language=en; expires=Sat, 26-Nov-2022 21:27:19 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"fc5bbab55bbb1e4f1ad1b32904ee716d-gzip"
Content-Encoding: gzip
X-Host: grn72.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 23510
Keep-Alive: timeout=10, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1659042403
200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1659042403
IP
File type ASCII text, with very long lines (32011)
Hash e32a0ae988b9f1c9de6f0f70bfa0ffbd
c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
GET /js/site/commerce-core.js?buildTime=1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 00:31:45 GMT
etag: "636af4f1-f57e"
expires: Thu, 24 Nov 2022 09:20:02 GMT
cache-control: max-age=1209600
x-host: blu11.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 216438
x-served-by: cache-sjc10053-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 60, 1
x-timer: S1668288440.850711,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17388
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/slideshow/slideshow.css?1659042403
200 OK 1.5 kB URL HTTP/2 cdn2.editmysite.com/css/old/slideshow/slideshow.css?1659042403
IP
File type ASCII text, with very long lines (7352)
Hash ba9bbd4df86b5b255f5ef44658e52130
3970cecb6939475f95556c2d32d17de0d1645f32
244b7b062e6e558009c622e46008d5542604b9163315220199a2ac50868ff3e5
GET /css/old/slideshow/slideshow.css?1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 07 Nov 2022 17:13:01 GMT
etag: W/"63693c9d-1cb9"
expires: Tue, 22 Nov 2022 09:29:58 GMT
cache-control: max-age=1209600
x-host: grn107.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 388641
x-served-by: cache-sjc10062-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 44, 1
x-timer: S1668288440.850623,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1488
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1659042403
200 OK 13 kB URL HTTP/2 cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1659042403
IP
File type ASCII text, with very long lines (32013)
Hash da04d4da36c827437eb064334cf40561
b54b259c2dce4a00e265deddf2ee0941dda6ed40
0064ed54b2f6244cda5252037026ceb744b58067811265aa1a10c3f7cd937b3a
GET /js/old/slideshow-jq.js?buildTime=1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 28 Oct 2022 22:29:29 GMT
etag: "635c57c9-9e0b"
expires: Mon, 14 Nov 2022 12:09:05 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 1070294
x-served-by: cache-sjc10047-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 1043, 1
x-timer: S1668288440.850949,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13265
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 16:26:29 GMT
expires: Wed, 08 Nov 2023 16:26:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 363650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1659042403
200 OK 17 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1659042403
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Hash 15eaf839ff82242f8d02b1f60c073760
ed5886bbb71827073b52523683a95f0a051f8c40
c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
GET /js/site/main-commerce-browse.js?buildTime=1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 18:50:30 GMT
etag: "63640d76-f92d"
expires: Mon, 21 Nov 2022 13:54:51 GMT
cache-control: max-age=1209600
x-host: blu38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 459148
x-served-by: cache-sjc10065-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 97, 1
x-timer: S1668288440.850828,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16977
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1659042403
200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1659042403
IP
File type ASCII text, with very long lines (13080)
Hash ac8255fd3aff763f633de26aa635b291
9717c2a03ffe5a9662f8f4e834501160dea56f14
1450f9388d143d7f975c263e9c9728d99cdd07782439dffc564089ee02a74b31
GET /css/social-icons.css?buildtime=1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 28 Oct 2022 22:29:06 GMT
etag: W/"635c57b2-3319"
expires: Tue, 15 Nov 2022 07:44:30 GMT
cache-control: max-age=1209600
x-host: grn83.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 999769
x-served-by: cache-sjc10083-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 19, 4
x-timer: S1668288440.864485,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1659042403
200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1659042403
IP
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 03 Nov 2022 18:50:13 GMT
etag: "63640d65-f47"
expires: Mon, 21 Nov 2022 13:03:53 GMT
cache-control: max-age=1209600
x-host: blu56.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 462207
x-served-by: cache-sjc10065-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 422, 5
x-timer: S1668288440.865902,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
Hash 07ca73e0ae78da90685dfb8693e6919e
dd00d5cf5dd71f2d73815cacd171301879de5064
3ec0826e68da0933ec30d52c6ab79f097b4f64519f2473d6c18dfa644bcf997d
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 21:27:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "89152801F696ABC6655FF8A59FB580C7FCCC7F88"
Expires: Sun, 13 Nov 2022 08:00:00 GMT
Last-Modified: Sat, 12 Nov 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2111
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769259dd89f3b503-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1659042403
200 OK 159 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1659042403
IP
File type ASCII text, with very long lines (32007)
Size 159 kB (158975 bytes)
Hash c29a5e4fd4ee0d3b7cd0597f2b9b602b
bb134ed641467954f4a724167dc7ea56a03e7fa8
bf9850a7e6dd269898b78ecf07a34438bc300cad0bbb2d280e10ccadf81646b2
GET /js/site/main-customer-accounts-site.js?buildTime=1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 00:22:09 GMT
etag: "6361b831-8250f"
expires: Wed, 16 Nov 2022 10:48:29 GMT
cache-control: max-age=1209600
x-host: blu93.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 902330
x-served-by: cache-sjc10051-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 3325, 1
x-timer: S1668288440.854603,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158975
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/css/sites.css?buildTime=1659042403
200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1659042403
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 07 Nov 2022 17:12:40 GMT
etag: W/"63693c88-347ac"
expires: Tue, 22 Nov 2022 10:22:32 GMT
cache-control: max-age=1209600
x-host: blu54.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 385487
x-served-by: cache-sjc10082-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 2
x-timer: S1668288440.861791,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1659042403&
200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1659042403&
IP
File type ASCII text, with very long lines (65024)
Hash 47ecd46fdd9dc84622ce1294541d92ef
7aeda09a697e41f88f4cbad0843d94bb3fdb7a50
ec251328b1cb905ffb368b273ab84ca8cf4f451218ed3412024ab56b48d0fbd0
GET /js/lang/en/stl.js?buildTime=1659042403& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 17:11:35 GMT
etag: "63693c47-2c1b7"
expires: Tue, 22 Nov 2022 12:43:05 GMT
cache-control: max-age=1209600
x-host: blu73.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 377054
x-served-by: cache-sjc10062-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 3
x-timer: S1668288440.869617,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32708
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.filipinoprivatedutynurseonline.com/files/templateArtifacts.js?1659145042
200 OK 1.6 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/files/templateArtifacts.js?1659145042
IP
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
GET /files/templateArtifacts.js?1659145042 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu68.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn.ywxi.net/app/weebly/trustmark.js?weeblySiteId=602948890348889816
200 OK 511 B URL HTTP/2 cdn.ywxi.net/app/weebly/trustmark.js?weeblySiteId=602948890348889816
IP
File type ASCII text, with very long lines (548)
Hash f75df196b83d25f486c08f6a677a7cdf
9e78dd9b16d93309b2e3451f74ed2b7997792155
b3b58def863569acc5eed3c7bcbeba7429bf027a6c4489159c364254258de3d0
GET /app/weebly/trustmark.js?weeblySiteId=602948890348889816 HTTP/1.1
Host: cdn.ywxi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 511
date: Sat, 12 Nov 2022 21:27:19 GMT
server: Apache
expires: Sat, 12 Nov 2022 22:27:19 GMT
cache-control: public, max-age=86400
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MbZW0LcC61ClZBCqHtsBkpy7jN75OgPV1cPM_PRp1JPw1G7L365pig==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.filipinoprivatedutynurseonline.com/files/theme/jquery.pxuMenu.js?1533678936
200 OK 3.6 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/files/theme/jquery.pxuMenu.js?1533678936
IP
File type HTML document, ASCII text
Hash bceaa86565283bd14792eb1b54ff0840
b53536958488cd35c3cab4fee0836ecee71f7198
64e06f69316880758d204e466f95fe4a0378d021ed3abdaf63ec6c0d4f2dedcc
GET /files/theme/jquery.pxuMenu.js?1533678936 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: application/javascript
Content-Length: 3571
Connection: keep-alive
Last-Modified: Tue, 01 Jun 2021 07:52:39 GMT
ETag: "bceaa86565283bd14792eb1b54ff0840"
x-amz-request-id: tx000000000000000c42f2c-0061633255-1ff9432-las
X-Storage-Bucket: z64e0
X-Storage-Object: 64e06f69316880758d204e466f95fe4a0378d021ed3abdaf63ec6c0d4f2dedcc
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Sat, 12 Nov 2022 22:57:01 GMT
Date: Sat, 12 Nov 2022 21:27:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Sat, 12 Nov 2022 22:57:01 GMT
Date: Sat, 12 Nov 2022 21:27:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Sat, 12 Nov 2022 22:57:01 GMT
Date: Sat, 12 Nov 2022 21:27:20 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Titillium+Web:400,300,300italic,200,200italic,700,400italic,700italic&subset=latin,latin-ext
200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Titillium+Web:400,300,300italic,200,200italic,700,400italic,700italic&subset=latin,latin-ext
IP
Hash 63e8e1958cbfa115c1d5caeefa44841a
8f72015d795651dc9168ad5bf8144ea5f7f914e9
ba21f9dd1da5017fc2022f35e43a7288b9973210d98853c5c07d636ca6d8bb5f
GET /css?family=Titillium+Web:400,300,300italic,200,200italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 21:27:19 GMT
date: Sat, 12 Nov 2022 21:27:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7wqdiuomEgaQlE1P5gopDGXbAkmh3ohPXYDcBWczuYFEcj8nczk9_w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:52:57 GMT
age: 84863
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BcjpdZlgZPqBX1rk3Th_XlwHrDYoeAT8pWaH7I21WnkfFzvzJE8ekw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 85465
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eac2ed4bece6282c8273a58a88371e2e
2d90ff66079e8ffbaaa367a6bfc08927e7cc424d
aea97fd7d90302edcb3e0c08507d682e02166e8ddd4d082fc4f5435af438594c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8633
x-amzn-requestid: 8bdfbfbb-5193-4c62-ba1b-c906f7548676
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEC1oAMF8tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-39b4c2954dbc8e4c40a2c9d8;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxrfhO5oOGvECIrlZYKsfXOTZZksAIIHAafyRM-FdRXAaBVZs5cEQA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:04:43 GMT
age: 84157
etag: "2d90ff66079e8ffbaaa367a6bfc08927e7cc424d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2y97S3ITb7MLXuIIAQfCCKjgvOXisdCT5mod7OD588LOhPCy_OrUXQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:21 GMT
age: 84299
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FWEdPT057SMVCBc7ZYbPnfW1z5mB7iubIXzrj3HlctKtwRx2PuncSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 08:39:57 GMT
age: 46043
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:23:30 GMT
age: 83030
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/files/main_style.css?1659145042
200 OK 7.5 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/files/main_style.css?1659145042
IP
File type ASCII text, with very long lines (638)
Hash d222daa59fda67889eff6c366f337934
2d9b1f7514b6387fbfcbe7fe8c729c2d06c83015
f7a1ea813b697a1ea044eaf2596edb716f4f6ab87a0e7c91ce415a4965b1141d
GET /files/main_style.css?1659145042 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn61.sf2p.intern.weebly.net
Content-Encoding: gzip
www.filipinoprivatedutynurseonline.com/files/theme/mobile.js?1533678936
200 OK 3.0 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/files/theme/mobile.js?1533678936
IP
Hash 6a5a1984aba2af35297c96b82a6d055c
4d57a5da9c1298c9a45baac87d2cce5c88c8bd5e
c74d91c11d21132e0e08d2750d13c65ddf89ba2e7d2eaf08f32b9697afc759df
Analyzer Verdict Alert fortinet Malware
GET /files/theme/mobile.js?1533678936 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 30 Jan 2020 01:51:36 GMT
x-rgw-object-type: Normal
ETag: W/"eb37bcbeb178852f12029039f5cd641c"
x-amz-request-id: tx0000000000000035e2ce0-006285db58-b9fbc64-sfo1
X-Storage-Bucket: zf0dd
X-Storage-Object: f0dd6579500dc7618bbf27b1729f382349149b330be3b10952919f9e1e2d1fe8
X-Host: grn133.sf2p.intern.weebly.net
Content-Encoding: gzip
www.filipinoprivatedutynurseonline.com/files/theme/custom.js?1533678936
200 OK 1.7 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/files/theme/custom.js?1533678936
IP
Hash e406b508e4be8ed669dd53c72a88b914
2e6d093196bac8483fd0c5d6c45d218f9d014e6b
bb3804d161b6a31adbd05b30a863c2f3964ffe9252facdd6fc5a6c169cb1a223
Analyzer Verdict Alert fortinet Malware
GET /files/theme/custom.js?1533678936 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 01 Feb 2022 06:21:33 GMT
x-rgw-object-type: Normal
ETag: W/"efb64cd28e536b408e27d73e51190901"
x-amz-request-id: tx00000000000000a949627-006290bb4d-b9fbc20-sfo1
X-Storage-Bucket: za87f
X-Storage-Object: a87f6ef25a47661d97b6bfd50de48bac8c56dd95290c9e0f5abefc34f3c42a5a
X-Host: grn133.sf2p.intern.weebly.net
Content-Encoding: gzip
fonts.googleapis.com/css?family=Anton|Architects+Daughter|Cedarville+Cursive|Cherry+Cream+Soda|Chewy|Condiment|Crafty+Girls|Dancing+Script|Erica+One|Exo+2|Faster+One|Gloria+Hallelujah|IM+Fell+DW+Pica+SC|Indie+Flower|Josefin+Sans|Lato|Loved+by+the+King|Luckiest+Guy|Monofett|Montserrat|News+Cycle|Open+Sans|Oswald|Over+the+Rainbow|Oxygen|Patrick+Hand+SC|Paytone+One|Permanent+Marker|Playfair+Display|Questrial|Quicksand|Raleway|Reenie+Beanie|Roboto|Rock+Salt|Shadows+Into+Light|Syncopate:700|Titillium+Web|Yanone+Kaffeesatz|Zeyada
200 OK 3.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Anton|Architects+Daughter|Cedarville+Cursive|Cherry+Cream+Soda|Chewy|Condiment|Crafty+Girls|Dancing+Script|Erica+One|Exo+2|Faster+One|Gloria+Hallelujah|IM+Fell+DW+Pica+SC|Indie+Flower|Josefin+Sans|Lato|Loved+by+the+King|Luckiest+Guy|Monofett|Montserrat|News+Cycle|Open+Sans|Oswald|Over+the+Rainbow|Oxygen|Patrick+Hand+SC|Paytone+One|Permanent+Marker|Playfair+Display|Questrial|Quicksand|Raleway|Reenie+Beanie|Roboto|Rock+Salt|Shadows+Into+Light|Syncopate:700|Titillium+Web|Yanone+Kaffeesatz|Zeyada
IP
Hash cf00c17de568f9b8220e9460ebcc5314
59df0a39a0ebe5fd7c69fd2dc5fccf22397ab3f4
c175028fa0d20ab19163904cba5c5497a56d913c448578477cba613106e15fb4
GET /css?family=Anton|Architects+Daughter|Cedarville+Cursive|Cherry+Cream+Soda|Chewy|Condiment|Crafty+Girls|Dancing+Script|Erica+One|Exo+2|Faster+One|Gloria+Hallelujah|IM+Fell+DW+Pica+SC|Indie+Flower|Josefin+Sans|Lato|Loved+by+the+King|Luckiest+Guy|Monofett|Montserrat|News+Cycle|Open+Sans|Oswald|Over+the+Rainbow|Oxygen|Patrick+Hand+SC|Paytone+One|Permanent+Marker|Playfair+Display|Questrial|Quicksand|Raleway|Reenie+Beanie|Roboto|Rock+Salt|Shadows+Into+Light|Syncopate:700|Titillium+Web|Yanone+Kaffeesatz|Zeyada HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 21:27:19 GMT
date: Sat, 12 Nov 2022 21:27:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/files/theme/plugins.js?1533678936
200 OK 19 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/files/theme/plugins.js?1533678936
IP
Hash 17c0b51cd6ba1b91479bfe0274feed18
785a5cfa1ee86fd40b1a9deab58477ac101cb20a
64fa489daea8001c79f266c076946a1dd2b3568d3c6810bc1db9fb27529dee28
Analyzer Verdict Alert fortinet Malware
GET /files/theme/plugins.js?1533678936 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 21 May 2021 20:17:30 GMT
x-rgw-object-type: Normal
ETag: W/"7f6df4939d4102a752a5c1989d81afd4"
x-amz-request-id: tx000000000000001c534da-0062848d19-b9fbc7f-sfo1
X-Storage-Bucket: z6ee5
X-Storage-Object: 6ee5ff05679a26a9027cbb63cadee08104fa248a93d3582a333a5d134c25460b
X-Host: blu143.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:14:39 GMT
expires: Tue, 07 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 432761
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/titilliumweb/v15/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13792, version 1.0\012- data
Hash b4e3f31e50637009b7720956200ba5c4
b7b55887ca000cd5efeee3946a7a8a3771246810
51c77586201df2f52721fa5ded6b091f201aa2227b663903c2a3522d90dd8476
GET /s/titilliumweb/v15/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 20:04:03 GMT
expires: Tue, 07 Nov 2023 20:04:03 GMT
cache-control: public, max-age=31536000
age: 436997
last-modified: Wed, 27 Apr 2022 15:40:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12372, version 1.0\012- data
Hash 0ef99cf07a2a261ab43d5dc1937ffb27
bd39f9cd13ef2a6f912dcba8fa916fc67b4a19d9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
GET /s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:32:22 GMT
expires: Sat, 11 Nov 2023 23:32:22 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
content-type: font/woff2
age: 78898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12384, version 1.0\012- data
Hash 39009d392a58f87dd2b448612c2cbd5b
45ca26b72258f56af6fb786b8c4552acfdb5252e
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:09:53 GMT
expires: Sat, 11 Nov 2023 23:09:53 GMT
cache-control: public, max-age=31536000
age: 80247
last-modified: Wed, 27 Apr 2022 16:10:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17020, version 1.0\012- data
Hash aca09278214a7e267c0498cdd36ce416
ab7def30380e8f14e6064a9fd3c7dca6769ad85d
feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be
GET /s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 20:03:03 GMT
expires: Tue, 07 Nov 2023 20:03:03 GMT
cache-control: public, max-age=31536000
age: 437057
last-modified: Tue, 19 Apr 2022 18:51:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Hash 481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 17:07:08 GMT
expires: Fri, 10 Nov 2023 17:07:08 GMT
cache-control: public, max-age=31536000
age: 188412
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Hash 8d4079c3aa4f01e6d9bbd4f1bbcdf114
52ab47c062d0bfdbd34dbd31784008bd0e4c4227
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
GET /s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:28:38 GMT
expires: Thu, 09 Nov 2023 19:28:38 GMT
cache-control: public, max-age=31536000
age: 266322
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/YkyQ15H_rjI
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YkyQ15H_rjI
IP
Hash 540f812894a38c39e45dbb71cee39eda
13b00927c0a90c7be5cf6c6d89139268271b25ae
7019a659036d66047f66a5f6c68b970102370a0502156bd92f1579b65536a10d
POST /s/gts1p5/YkyQ15H_rjI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/YkyQ15H_rjI
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YkyQ15H_rjI
IP
Hash 540f812894a38c39e45dbb71cee39eda
13b00927c0a90c7be5cf6c6d89139268271b25ae
7019a659036d66047f66a5f6c68b970102370a0502156bd92f1579b65536a10d
POST /s/gts1p5/YkyQ15H_rjI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?_=1668288439881
200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1668288439881
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash 943813f35a1dbbd894b0d7374f237a45
c0792c161486e285df11f930aab2cea60f0ba0bc
980e6e154794480b95f8c394ef9f38cde239e4bcee366e3b12fb693318f3dd1e
GET /recaptcha/api.js?_=1668288439881 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 12 Nov 2022 21:27:20 GMT
date: Sat, 12 Nov 2022 21:27:20 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/YkyQ15H_rjI
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YkyQ15H_rjI
IP
Hash 540f812894a38c39e45dbb71cee39eda
13b00927c0a90c7be5cf6c6d89139268271b25ae
7019a659036d66047f66a5f6c68b970102370a0502156bd92f1579b65536a10d
POST /s/gts1p5/YkyQ15H_rjI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/editor/screenshot-20220610-003726.jpg?1654793246
200 OK 51 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/editor/screenshot-20220610-003726.jpg?1654793246
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 719x540, components 3\012- data
Hash a73507f387078a7fc91b48be5a278f10
8c4a14df94750e1b11ec30fd2c2e4a4a6b009862
814553b69188ebeb797f587e903da84ab1b886178f38862400a5e9e88871054d
GET /uploads/4/0/9/1/40919919/editor/screenshot-20220610-003726.jpg?1654793246 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: image/jpeg
Content-Length: 50906
Connection: keep-alive
Last-Modified: Thu, 09 Jun 2022 16:47:26 GMT
x-rgw-object-type: Normal
ETag: "a73507f387078a7fc91b48be5a278f10"
x-amz-request-id: tx000000000000030b356a5-0063700fb8-c695612-sfo1
X-Storage-Bucket: z8145
X-Storage-Object: 814553b69188ebeb797f587e903da84ab1b886178f38862400a5e9e88871054d
X-Host: blu143.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ea19ceeb84d663514e5b0b5886f8c193
419f5ab1afc24ae471f5294cd538307890fed37c
240b3327703ff85d4ce9e3dbefc97f3712bd3638cb4d47f61fabccd5a7a2904f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112809
Date: Sat, 12 Nov 2022 21:27:20 GMT
Etag: "636f202d-1d7"
Expires: Mon, 14 Nov 2022 04:47:29 GMT
Last-Modified: Sat, 12 Nov 2022 04:25:17 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GYpzKqAvv_rAkrnUo3Fynfe-YfIdezsXx8HiCCOWRvls9K0mnZccOw==
Age: 1332
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 32123
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:46:16 GMT
expires: Fri, 10 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 171665
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.halosecurity.com/js/1.js
200 OK 4.6 kB URL HTTP/2 cdn.halosecurity.com/js/1.js
IP
File type ASCII text, with very long lines (580)
Hash 0684a3c86e3c326e97dca2edd6503d7a
4995006b1ff9c66ed53a5a29e6871602eb1b3f1b
d8b6dfd93f2469d87d65d41a1a9e937d98f0d84675da7d2faafa64d68a22c824
GET /js/1.js HTTP/1.1
Host: cdn.halosecurity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 4567
date: Sat, 12 Nov 2022 20:46:34 GMT
server: Apache
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 12 Nov 2022 21:46:33 GMT
access-control-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F63JNW7Raspc9TnaN1OZCT54hmtlOdTDzImU9yBkY1Id3YSD4fMbpg==
age: 2447
X-Firefox-Spdy: h2
www.youtube.com/embed/aGEInVqKJys?wmode=opaque
200 OK 616 kB URL HTTP/2 www.youtube.com/embed/aGEInVqKJys?wmode=opaque
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58646)
Size 616 kB (616410 bytes)
Hash b7954a11e7a5f3b0ce14a455ea34b02b
d5e6aa36412f8282cc65227e26109dd66196a25f
db619350eab92454883dd4c0c0cb69f20502ed637d7034bd81f662c5dc5cf5ee
GET /embed/aGEInVqKJys?wmode=opaque HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 21:27:20 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=29AJpPQi_gU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Jrlbwulh9kQ; Domain=.youtube.com; Expires=Thu, 11-May-2023 21:27:20 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+209; expires=Mon, 11-Nov-2024 21:27:20 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/background-images/temp/40919919.jpg?1823286099
200 OK 49 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/background-images/temp/40919919.jpg?1823286099
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x467, components 3\012- data
Hash b9f91ad41e652725e981e082788c44b4
f665ad86a95725ddc2a72bbf5c4622bb12f5ae17
2891677a697b6771ec8b659584ffb756da4b08e0b2f5adf8e8f13b6d4f0f18f9
Analyzer Verdict Alert fortinet Malware
GET /uploads/4/0/9/1/40919919/background-images/temp/40919919.jpg?1823286099 HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: image/jpeg
Content-Length: 49156
Connection: keep-alive
Last-Modified: Thu, 09 Jun 2022 17:11:29 GMT
x-rgw-object-type: Normal
ETag: "b9f91ad41e652725e981e082788c44b4"
x-amz-request-id: tx00000000000002f85e1a6-00636ff71b-c67eadd-sfo1
X-Storage-Bucket: z2891
X-Storage-Object: 2891677a697b6771ec8b659584ffb756da4b08e0b2f5adf8e8f13b6d4f0f18f9
X-Host: grn64.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext
200 OK 38 kB URL HTTP/2 fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext
IP
Hash f957fca804ddfde0ade5cf0daf99f00e
6d713e24b2b04037fba012d9bb7aeaee9700e76e
bf04bd142f444d64136205e2450c52055e5e77ab99df6b6687c713c2152a35da
GET /css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 21:27:19 GMT
date: Sat, 12 Nov 2022 21:27:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220222-091416_orig.jpg
200 OK 59 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220222-091416_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x525, components 3\012- data
Hash 02156ad6348c676fc859dd243fcbac10
6e87ad3ba9adb322f075c31eaad593f0a1dca6ab
5c25b6bda6e5d56c9efa57a70bbb33b9e0be5a10aebfee6c7e3f4b2d916da360
GET /uploads/4/0/9/1/40919919/img-20220222-091416_orig.jpg HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: image/jpeg
Content-Length: 59181
Connection: keep-alive
Last-Modified: Sat, 05 Mar 2022 15:37:52 GMT
x-rgw-object-type: Normal
ETag: "02156ad6348c676fc859dd243fcbac10"
x-amz-request-id: tx00000000000002f9595d4-0063700fb8-c67eadd-sfo1
X-Storage-Bucket: z5c25
X-Storage-Object: 5c25b6bda6e5d56c9efa57a70bbb33b9e0be5a10aebfee6c7e3f4b2d916da360
X-Host: blu149.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 28c55dfd17f5da2f5fc88a68bef0ea4f
e6293078bfa9062c51423f1b221399fab94953c9
5753a816efa4abbbb41bba586601fd2db87ec83bf5ea28c60a56b66a4d4ac798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162913
Date: Sat, 12 Nov 2022 21:27:21 GMT
Etag: "636fdb22-1d7"
Expires: Mon, 14 Nov 2022 18:42:34 GMT
Last-Modified: Sat, 12 Nov 2022 17:42:58 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qqjB0niTb-FgJ9WC6PE-xSVd_DHuxFd18vA8YupBCgLNvn5hAvoDJg==
Age: 3576
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 28c55dfd17f5da2f5fc88a68bef0ea4f
e6293078bfa9062c51423f1b221399fab94953c9
5753a816efa4abbbb41bba586601fd2db87ec83bf5ea28c60a56b66a4d4ac798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162384
Date: Sat, 12 Nov 2022 21:27:21 GMT
Etag: "636fdb22-1d7"
Expires: Mon, 14 Nov 2022 18:33:45 GMT
Last-Modified: Sat, 12 Nov 2022 17:42:58 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vzhq0TvVJJULPL6PtUk6r8DafISXdk-ob7uavc8rOWgAvBFSNot5Xg==
Age: 3047
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-232614_orig.jpg
200 OK 65 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-232614_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x544, components 3\012- data
Hash 846ec6690dc890b55bfae60eada33e91
f9948945ad3ba52f52c160be9bd72e73f0a0c295
43c17678a529d7e10d1a2fda11799c5e80b20284c4868b7489d5ed1e693eaa15
GET /uploads/4/0/9/1/40919919/img-20220305-232614_orig.jpg HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: image/jpeg
Content-Length: 64852
Connection: keep-alive
Last-Modified: Sat, 05 Mar 2022 15:37:54 GMT
x-rgw-object-type: Normal
ETag: "846ec6690dc890b55bfae60eada33e91"
x-amz-request-id: tx000000000000030605ee1-0063700fb8-c696eea-sfo1
X-Storage-Bucket: z43c1
X-Storage-Object: 43c17678a529d7e10d1a2fda11799c5e80b20284c4868b7489d5ed1e693eaa15
X-Host: grn64.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sdk.beeketing.com/js/beeketing.js?2045
200 OK 113 kB URL HTTP/2 sdk.beeketing.com/js/beeketing.js?2045
IP
File type ASCII text, with very long lines (54185)
Size 113 kB (113121 bytes)
Hash 0fabbee4d5fc19dba7ad7cea646b2b06
b873462fcc76dfdb61baa647c304d515a5e619bd
64e6bce50adb5d3c9a35e00aa4ee78216d76f27087373b81658a6aa99daaa9e5
GET /js/beeketing.js?2045 HTTP/1.1
Host: sdk.beeketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 21:27:20 GMT
content-type: application/javascript
cache-control: max-age=300, public, s-maxage=300
cf-bgj: minify
cf-polished: origSize=343800
etag: W/"60814dc5-53ef8"
expires: Sat, 12 Nov 2022 21:30:29 GMT
last-modified: Thu, 22 Apr 2021 10:19:49 GMT
pragma: public
cf-cache-status: HIT
age: 111
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AL3JypnyxdoRO7xyoZfZ4d12AmXjGPkFIJ3Rb8vItwivmXavVzydCD6YE8xOUWPCPFsd9G28aM3j4nVxK8JaRIPOvGk4Ieh82F789xskPZcH1Qe3%2BYUeCCDh%2FdsXUmDf8QBSDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769259e2aa860b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9cca525b1496af446b07aaf8a2106ca1
bc00a06ab4efc7d612f5416cf2f1d12582b757fb
be2e9793da01f40ed238dec1d929691bdea9a317be4f0c82e4e50cddd3cc528d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2831
Cache-Control: max-age=143093
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Etag: "636f909f-1d7"
Expires: Mon, 14 Nov 2022 13:12:14 GMT
Last-Modified: Sat, 12 Nov 2022 12:25:03 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 1.1 kB IP
Hash 98fa0b26667388a3f09e24c8c3324609
7a013896c7fa1eb87d2c221148495e36b1130f1b
378058a0357c2d8dac99d73631b72e95521676fc3bec6bc8252ba86674f482a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 21:14:05 GMT
expires: Sat, 12 Nov 2022 21:29:05 GMT
cache-control: public, max-age=900
age: 796
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2819d3a376cfbc0cf91010763d46e071
3f76316cb6a70cf3c6c84d56473805863a74654c
fbdfcde905cf36ce539691fa394852c9bfb9fead20fa9761d75d17df81fc8de6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168166
Date: Sat, 12 Nov 2022 21:27:21 GMT
Etag: "636fea89-1d7"
Expires: Mon, 14 Nov 2022 20:10:07 GMT
Last-Modified: Sat, 12 Nov 2022 18:48:41 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: icpiJSLzZMKxInWIhCGi4fwOPFkIjRN9UFuPs3mlxoG9IMcMuBHL3g==
Age: 4886
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2819d3a376cfbc0cf91010763d46e071
3f76316cb6a70cf3c6c84d56473805863a74654c
fbdfcde905cf36ce539691fa394852c9bfb9fead20fa9761d75d17df81fc8de6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165808
Date: Sat, 12 Nov 2022 21:27:21 GMT
Etag: "636fea89-1d7"
Expires: Mon, 14 Nov 2022 19:30:49 GMT
Last-Modified: Sat, 12 Nov 2022 18:48:41 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1tz0c2nt_7V6hZNt6rcXlRyxxT_7QDY64ywrgUhc9sYVa8WhkaukMg==
Age: 2528
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 12 Nov 2022 21:27:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-233245_orig.jpg
200 OK 57 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-233245_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 498x1080, components 3\012- data
Hash e497252b950e85db682c379bd8dc286a
c1092948eb04ac1d3a8ff8710cbb3c2eb1fdc507
625982f254a246ef4b9c5bc09ff5cbaf43c8fabf390ec30ebfd8e32e1a359c37
GET /uploads/4/0/9/1/40919919/img-20220305-233245_orig.jpg HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:21 GMT
Content-Type: image/jpeg
Content-Length: 57367
Connection: keep-alive
Last-Modified: Sat, 05 Mar 2022 15:37:59 GMT
x-rgw-object-type: Normal
ETag: "e497252b950e85db682c379bd8dc286a"
x-amz-request-id: tx00000000000003074364a-0063700fb9-c699baa-sfo1
X-Storage-Bucket: z6259
X-Storage-Object: 625982f254a246ef4b9c5bc09ff5cbaf43c8fabf390ec30ebfd8e32e1a359c37
X-Host: grn79.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 12 Nov 2022 21:27:21 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-B5CHRBSZLL>m=2oeb90&_p=595731686&_gaz=1&cid=1973145146.1668288440&ul=en-us&sr=1280x1024&_s=1&sid=1668288440&sct=1&seg=0&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&dt=TRUSTED%20CARE%20RIGHT%20AT%20YOUR%20HOME%20FILIPINO%20HOME%20NURSING%20SERVICE%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-B5CHRBSZLL>m=2oeb90&_p=595731686&_gaz=1&cid=1973145146.1668288440&ul=en-us&sr=1280x1024&_s=1&sid=1668288440&sct=1&seg=0&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&dt=TRUSTED%20CARE%20RIGHT%20AT%20YOUR%20HOME%20FILIPINO%20HOME%20NURSING%20SERVICE%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B5CHRBSZLL>m=2oeb90&_p=595731686&_gaz=1&cid=1973145146.1668288440&ul=en-us&sr=1280x1024&_s=1&sid=1668288440&sct=1&seg=0&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&dt=TRUSTED%20CARE%20RIGHT%20AT%20YOUR%20HOME%20FILIPINO%20HOME%20NURSING%20SERVICE%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.filipinoprivatedutynurseonline.com
date: Sat, 12 Nov 2022 21:27:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-B5CHRBSZLL&cid=1973145146.1668288440>m=2oeb90&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-B5CHRBSZLL&cid=1973145146.1668288440>m=2oeb90&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B5CHRBSZLL&cid=1973145146.1668288440>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.filipinoprivatedutynurseonline.com
date: Sat, 12 Nov 2022 21:27:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 7bac4105a262ff965581494a0b396775
a77b361ec6a96b7523d56e8599939be3fe1c0c34
c18227ed74ba64dadbccd08b5d47e667cfaf39baea87028ca57a932f583046ec
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 21:27:21 GMT
server: ESF
cache-control: private
content-length: 30992
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e46444dffd461c8b9dff230925c5ad9e
a64464d4819393511522e60422c4d0980b2fc9d0
49ce6e4993f47bbb20b98a0e9232f31589add1574385f1c94ba0b03987197574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1808
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 21:27:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=b8f8859f-93fe-4087-80a9-cab9f32b41af; Expires=Sun, 12 Nov 2023 21:27:21 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.filipinoprivatedutynurseonline.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
i.ytimg.com/vi/aGEInVqKJys/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AGUA4AC0AWKAgwIABABGDwgXihlMA8=&rs=AOn4CLByYLlsIs6VcYazbflJLaqoAZIXyQ
200 OK 17 kB URL HTTP/2 i.ytimg.com/vi/aGEInVqKJys/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AGUA4AC0AWKAgwIABABGDwgXihlMA8=&rs=AOn4CLByYLlsIs6VcYazbflJLaqoAZIXyQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 89ff170b57de514f2c35630b60aefc1d
b3dc33534a710b00dfc02eb9c2e2f07801eadb63
ac4bdf68f4479f166495d89aa840e30f1f2527a2f6bb7ac9c6f2d4615b69e438
GET /vi/aGEInVqKJys/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AGUA4AC0AWKAgwIABABGDwgXihlMA8=&rs=AOn4CLByYLlsIs6VcYazbflJLaqoAZIXyQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 16831
date: Sat, 12 Nov 2022 21:27:21 GMT
expires: Sat, 12 Nov 2022 23:27:21 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e46444dffd461c8b9dff230925c5ad9e
a64464d4819393511522e60422c4d0980b2fc9d0
49ce6e4993f47bbb20b98a0e9232f31589add1574385f1c94ba0b03987197574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3-us-west-2.amazonaws.com/mfesecure-public/host/filipinoprivatedutynurseonline.com/client.json?source=jsinline
200 OK 180 B URL HTTP/1.1 s3-us-west-2.amazonaws.com/mfesecure-public/host/filipinoprivatedutynurseonline.com/client.json?source=jsinline
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash e87165f005376b8f729afb6b6a37c2ab
8655c0dc3be02cd62f2440370be07190b6c12af5
7c90a2760ed713572851215c23ed2510d1f683863c21e2987ec87760e0957732
GET /mfesecure-public/host/filipinoprivatedutynurseonline.com/client.json?source=jsinline HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RfJojPneWXFsYB8MpvkKNjksotVPaK8CttFxUakUl/wmFq4G5NkDmFKdNnvwm8FfDt+dRkTNuWw=
x-amz-request-id: HSTVT3NCMWPMY6PM
Date: Sat, 12 Nov 2022 21:27:22 GMT
Access-Control-Allow-Origin: https://www.filipinoprivatedutynurseonline.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Fri, 16 Jul 2021 17:00:59 GMT
ETag: "e87165f005376b8f729afb6b6a37c2ab"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: MKzzcGO9qmFDy72g8f277MAWwolWqTQk
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 180
s3-us-west-2.amazonaws.com/mfesecure-public/host/filipinoprivatedutynurseonline.com/client.json?source=jsmain
200 OK 180 B URL HTTP/1.1 s3-us-west-2.amazonaws.com/mfesecure-public/host/filipinoprivatedutynurseonline.com/client.json?source=jsmain
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash e87165f005376b8f729afb6b6a37c2ab
8655c0dc3be02cd62f2440370be07190b6c12af5
7c90a2760ed713572851215c23ed2510d1f683863c21e2987ec87760e0957732
GET /mfesecure-public/host/filipinoprivatedutynurseonline.com/client.json?source=jsmain HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Z6ZIxHmO+/te3oY/gYFNbkfCl1gz1J/27qqQustq9jH+GjPP8ARAv2lfQ26o8uPb4EIAg9/yjEI=
x-amz-request-id: HSTVXS4T1SEA3QMA
Date: Sat, 12 Nov 2022 21:27:22 GMT
Access-Control-Allow-Origin: https://www.filipinoprivatedutynurseonline.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Fri, 16 Jul 2021 17:00:59 GMT
ETag: "e87165f005376b8f729afb6b6a37c2ab"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: MKzzcGO9qmFDy72g8f277MAWwolWqTQk
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 180
ocsp.digicert.com/
200 OK 471 B IP
Hash 125323db3ff29b80f81fae08e2d58df6
5a407fed4d6d43f2a4ccc6d5168f147d7f2af4a2
6e100312be7aa9f36164adeb96b6cead8685c4c0a1d950334128f598b17a945b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6197
Cache-Control: max-age=131317
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Etag: "636f5579-1d7"
Expires: Mon, 14 Nov 2022 09:55:58 GMT
Last-Modified: Sat, 12 Nov 2022 08:12:41 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.weebly.com/weebly/apps/generateVideo.php?source=weebly&output=js&elementid=970773448788527481&user=40919919&ineditor=0&align=center&margintop=15px&marginbottom=15px&downloadable=0&height=282&video=b/40919919-602948890348889816/vid-20220217-wa0004_276.mp4&image=b/40919919-602948890348889816/vid-20220217-wa0004_276.jpg
200 OK 8.0 kB URL HTTP/1.1 www.weebly.com/weebly/apps/generateVideo.php?source=weebly&output=js&elementid=970773448788527481&user=40919919&ineditor=0&align=center&margintop=15px&marginbottom=15px&downloadable=0&height=282&video=b/40919919-602948890348889816/vid-20220217-wa0004_276.mp4&image=b/40919919-602948890348889816/vid-20220217-wa0004_276.jpg
IP
Hash 898f840f31623ee620fd40add62507a0
422093dac5a400c9fda4550493c2b1cee78322fd
2399f83bd57a0d6298d948c14fd6f6a51529cec01920511d7bc32d6fab095318
GET /weebly/apps/generateVideo.php?source=weebly&output=js&elementid=970773448788527481&user=40919919&ineditor=0&align=center&margintop=15px&marginbottom=15px&downloadable=0&height=282&video=b/40919919-602948890348889816/vid-20220217-wa0004_276.mp4&image=b/40919919-602948890348889816/vid-20220217-wa0004_276.jpg HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 21:27:21 GMT
Server: Apache
X-Host: blu13.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7982
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: application/javascript
X-W-DC: SFO
Set-Cookie: language=en; expires=Sat, 26-Nov-2022 21:27:21 GMT; Max-Age=1209600; path=/
sto-id-editor=MPDFBNAK; Domain=weebly.com; Path=/
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7178c97c15d49f214dd4e238628d8123
60c15885ccb9910621dd369fc0578a344bdab734
c668912ace8d705981ac3a28ffef7075f373ef1352b58d6384f44aae1c386baf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sat, 12 Nov 2022 20:32:37 GMT
expires: Sat, 12 Nov 2022 22:32:37 GMT
cache-control: public, max-age=7200
age: 3284
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
IP
File type ASCII text, with very long lines (668)
Size 163 kB (162590 bytes)
Hash 70dc760a0efad09d703883a39f7683b2
2bc70f2a100ff27d27a89d563dfe279590c8336b
2bc59eab94309c59fba62afa40dfd841fb83760714e9ec7248ce3e10ae05fd19
GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:25:44 GMT
expires: Sat, 11 Nov 2023 23:25:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 79297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fR6nP/Xgn+mqK26jVYc6WrXVreB/J+4MS9mnX7oc1y3/W8EemCamm+ddsUqohmeDg9FO4Db2v1PkxbJUxA/G9A==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Sat, 12 Nov 2022 21:27:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 125323db3ff29b80f81fae08e2d58df6
5a407fed4d6d43f2a4ccc6d5168f147d7f2af4a2
6e100312be7aa9f36164adeb96b6cead8685c4c0a1d950334128f598b17a945b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6198
Cache-Control: max-age=131317
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:22 GMT
Etag: "636f5579-1d7"
Expires: Mon, 14 Nov 2022 09:55:59 GMT
Last-Modified: Sat, 12 Nov 2022 08:12:41 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7178c97c15d49f214dd4e238628d8123
60c15885ccb9910621dd369fc0578a344bdab734
c668912ace8d705981ac3a28ffef7075f373ef1352b58d6384f44aae1c386baf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
200 OK 348 B URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert fortinet Malware
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.1.1973145146.1668288440
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 21:27:22 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn73.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=61
Connection: Keep-Alive
Content-Type: application/json
yt3.ggpht.com/ytc/AMLnZu-RprgAWsje_UHZq1Gsiz6PcWOq87zJZeuxkwNL=s68-c-k-c0x00ffffff-no-rj
200 OK 5.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-RprgAWsje_UHZq1Gsiz6PcWOq87zJZeuxkwNL=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 9e7e7901f6d97b74477bc91fee15b298
023ec26cdc62c72b5010820a1b6be7e73b2b9514
bb3d144b58826c667f0f268fe8d5402c58a0533db9c74814669cfce872534c31
GET /ytc/AMLnZu-RprgAWsje_UHZq1Gsiz6PcWOq87zJZeuxkwNL=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1c9"
expires: Sun, 13 Nov 2022 21:27:22 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 12 Nov 2022 21:27:22 GMT
server: fife
content-length: 4977
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/favicon.ico
200 OK 17 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 170ed3d80d128b32646af8a8559e4b8c
c5b7e0e7822d12ad02c497c85fcc6b3ac2f6509c
d82ccc565853d0c18ffc6c1681e18da5a962552a2dbe8c4e4f1e5bb81432790d
GET /favicon.ico HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.1.1973145146.1668288440
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:22 GMT
Content-Type: image/x-icon
Content-Length: 16958
Connection: keep-alive
Last-Modified: Tue, 22 Feb 2022 05:07:10 GMT
x-rgw-object-type: Normal
ETag: "170ed3d80d128b32646af8a8559e4b8c"
x-amz-request-id: tx0000000000000307436da-0063700fba-c699baa-sfo1
X-Storage-Bucket: zd82c
X-Storage-Object: d82ccc565853d0c18ffc6c1681e18da5a962552a2dbe8c4e4f1e5bb81432790d
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 21:27:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.filipinoprivatedutynurseonline.com/uploads/b/40919919-602948890348889816/vid-20220217-wa0004_276.jpg
200 OK 35 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/b/40919919-602948890348889816/vid-20220217-wa0004_276.jpg
IP
File type JPEG image data, baseline, precision 8, 640x640, components 3\012- data
Hash 12ab81b88fc098d6af4c12642bcd10d4
36a33b740e5e0e88de5e3feaed2f9135d0c1baf0
7342b1f2d54ab458e4ec4cdeedd54db03a3468d42b1c7c1add52e47cb723f5ff
GET /uploads/b/40919919-602948890348889816/vid-20220217-wa0004_276.jpg HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.2.1973145146.1668288440; _gid=GA1.2.1553746629.1668288441; _gat_www.filipinoprivatedutynurseonline.com=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:22 GMT
Content-Type: image/jpeg
Content-Length: 34903
Connection: keep-alive
Last-Modified: Thu, 17 Feb 2022 22:16:29 GMT
x-rgw-object-type: Normal
ETag: "12ab81b88fc098d6af4c12642bcd10d4"
x-amz-request-id: tx00000000000002f9596a3-0063700fba-c67eadd-sfo1
X-Storage-Bucket: z7342
X-Storage-Object: 7342b1f2d54ab458e4ec4cdeedd54db03a3468d42b1c7c1add52e47cb723f5ff
X-Host: blu68.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/Membership/?Membership[Member::get_account_information]
200 OK 12 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/Membership/?Membership[Member::get_account_information]
IP
Hash cc0598b2e5a206a9248b4563305440ee
57c5fc38a1b4d0dbefbe84ed76a116e7c39f097d
6a8221d7163cf0d8bcd4001aa42bf70a96796a6fc2e0e88649ddc15c62a82147
Analyzer Verdict Alert fortinet Malware
POST /ajax/api/JsonRPC/Membership/?Membership[Member::get_account_information] HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.2.1973145146.1668288440; _gid=GA1.2.1553746629.1668288441; _gat_www.filipinoprivatedutynurseonline.com=1; distinct_id=9749731_1668288441453_1211
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 21:27:22 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: site_session=63700fba6b9328.11764797; path=/
language=en; expires=Sat, 26-Nov-2022 21:27:22 GMT; Max-Age=1209600; path=/
X-Host: blu67.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 186
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: application/json
www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getShoppingCart]
200 OK 7.1 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getShoppingCart]
IP
File type gzip compressed data, from Unix\012- data
Hash 26c75464a0b78e3271633bd80f610460
78b4193c632f957893aa06e3c2734c2e60193421
362823945a4452b3176bc728ceae7bbf06627ef4b9402d9fb76f9de0f3c70366
POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getShoppingCart] HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.2.1973145146.1668288440; _gid=GA1.2.1553746629.1668288441; _gat_www.filipinoprivatedutynurseonline.com=1; distinct_id=9749731_1668288441453_1211
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 21:27:22 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: language=en; expires=Sat, 26-Nov-2022 21:27:22 GMT; Max-Age=1209600; path=/
X-Host: blu129.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 184
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: application/json
www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
200 OK 2.1 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
IP
File type JSON data\012- , ASCII text, with very long lines (2086), with no line terminators
Hash 833560c5aea245021fcffb301152202c
1e356d5416a39d60528c77a2caf51ef105ab19c5
602332667d7e0f4cb80db6eb064785da932378926d841ad23d1a78122f833f68
POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.1.1973145146.1668288440
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 21:27:22 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn149.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2086
Keep-Alive: timeout=10, max=49
Connection: Keep-Alive
Content-Type: application/json
www.facebook.com/tr/?id=1361619307298169&ev=PageView&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&rl=&if=false&ts=1668288441557&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1668288441555.318861835&it=1668288441192&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1361619307298169&ev=PageView&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&rl=&if=false&ts=1668288441557&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1668288441555.318861835&it=1668288441192&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1361619307298169&ev=PageView&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&rl=&if=false&ts=1668288441557&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1668288441555.318861835&it=1668288441192&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 21:27:22 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1361619307298169&ev=Search&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&rl=&if=false&ts=1668288441561&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=28&fbp=fb.1.1668288441555.318861835&it=1668288441192&coo=false&rqm=GET
200 OK 5.0 kB URL HTTP/2 www.facebook.com/tr/?id=1361619307298169&ev=Search&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&rl=&if=false&ts=1668288441561&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=28&fbp=fb.1.1668288441555.318861835&it=1668288441192&coo=false&rqm=GET
IP
Hash f62c71cb75509007f5acdc473f9e18ba
fcbacfe20e770001072a82c462c7711a8a8cbc69
41d4fd7dcb2dd690f56f332ff8b657ac11094efbeccabbdb4473fa215f56b13a
GET /tr/?id=1361619307298169&ev=Search&dl=https%3A%2F%2Fwww.filipinoprivatedutynurseonline.com%2F&rl=&if=false&ts=1668288441561&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=28&fbp=fb.1.1668288441555.318861835&it=1668288441192&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 21:27:22 GMT
X-Firefox-Spdy: h2
cdn.ywxi.net/meter/filipinoprivatedutynurseonline.com/205.svg?ts=1626454857501&l=en-US
200 OK 7.4 kB URL HTTP/2 cdn.ywxi.net/meter/filipinoprivatedutynurseonline.com/205.svg?ts=1626454857501&l=en-US
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8293)
Hash 7c69f40c600b2209000b4bb3f766feb2
5115dac8a9de2ea623558932e1258d2d4c80dc50
fea4ec273446d371d91552bc9490371d68b14ca905ccce20d456d3ab03b0486e
GET /meter/filipinoprivatedutynurseonline.com/205.svg?ts=1626454857501&l=en-US HTTP/1.1
Host: cdn.ywxi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7400
date: Sat, 12 Nov 2022 21:27:22 GMT
server: Apache
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cache-control: public
expires: Sat, 12 Nov 2022 22:27:22 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -19DIa7lAlznvDxhwxpzAToD6QZsd_q8n0yZxswIYsG3dPWANZwsmQ==
X-Firefox-Spdy: h2
gapi.beeketing.com/v1/feature-switch/get-data/frontend/9749731
200 OK 3.8 kB URL HTTP/2 gapi.beeketing.com/v1/feature-switch/get-data/frontend/9749731
IP
File type JSON data\012- , ASCII text, with very long lines (7009), with no line terminators
Hash 7472fba98566ec10ca5749778ebd8d57
177be146a42e83de57e7d42fa7712aa7638b6f95
08e88aae159b8dfcc5de63271bac618881b183d3ce15c55bb848f81e23cc1797
GET /v1/feature-switch/get-data/frontend/9749731 HTTP/1.1
Host: gapi.beeketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filipinoprivatedutynurseonline.com
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 21:27:23 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.filipinoprivatedutynurseonline.com
cache-control: public, max-age=300, stale-while-revalidate=60, stale-if-error=60
etag: W/"TUFTSRXUWPUXKGDDSSSX"
x-proto-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FFFYYmhP4I7GRZH1xnH6KNK2FQJo6xh2goi%2FVVZg6iXDHNi5jl6vsSRhgpeRY%2BdZHbUKz%2BeJwmDDLyrfeCDL%2FlM037P%2FfUn%2BAFsxkXfKM7l0PFMeNsVvr%2FR3zETHdOul751aeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 769259ec8e911c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=filipinoprivatedutynurseonline.com&rand=1668288442026
200 OK 16 kB URL HTTP/2 www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=filipinoprivatedutynurseonline.com&rand=1668288442026
IP
Hash 6284bd088ba8fc1501f73edefb2595c8
83240aa7dc13d7abff502c1398910645166810eb
ded9b1871dd731277886361a33f1088c96f367a2bb44693dd220e536f81dfc66
GET /rpc/ajax?do=tmjs-visit&host=filipinoprivatedutynurseonline.com&rand=1668288442026 HTTP/1.1
Host: www.trustedsite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 21:27:23 GMT
content-type: text/javascript; charset=utf-8
content-length: 26
set-cookie: AWSALB=8Ge3TSLMb/jdg2kPyfAmhuVOy0oYBOh9MLB0fkOggDlXHwzxrV8YNdPLTL04hLtuKCwdoQAzev426W5vjo6nQSk9h3n99xgbtzJBiB8+WLglC8zsl9EkAuX9EJYT; Expires=Sat, 19 Nov 2022 21:27:23 GMT; Path=/
AWSALBCORS=8Ge3TSLMb/jdg2kPyfAmhuVOy0oYBOh9MLB0fkOggDlXHwzxrV8YNdPLTL04hLtuKCwdoQAzev426W5vjo6nQSk9h3n99xgbtzJBiB8+WLglC8zsl9EkAuX9EJYT; Expires=Sat, 19 Nov 2022 21:27:23 GMT; Path=/; SameSite=None; Secure
server: Apache
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-233100_orig.jpg
200 OK 127 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-233100_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 810x1080, components 3\012- data
Size 127 kB (126921 bytes)
Hash 7014cca771dfaf9b9609865a0e638ea9
851f9b3e8e8d69be41f5386f0c0ff7b80487614b
e67c46b7c9726236d618918ab0229b25ad415548a170125b98a542bbb9d897f4
GET /uploads/4/0/9/1/40919919/img-20220305-233100_orig.jpg HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.2.1973145146.1668288440; _gid=GA1.2.1553746629.1668288441; _gat_www.filipinoprivatedutynurseonline.com=1; distinct_id=9749731_1668288441453_1211; _fbp=fb.1.1668288441555.318861835; site_session=63700fba6b9328.11764797; trustedsite_visit=1; trustedsite_tm_float_seen=1; bk_cart={%22t%22:%22fake_cart_token_9749731_1668288441436_8532%22%2C%22s%22:[]%2C%22a%22:[]%2C%22i%22:[]}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:24 GMT
Content-Type: image/jpeg
Content-Length: 126921
Connection: keep-alive
Last-Modified: Sat, 05 Mar 2022 15:38:01 GMT
x-rgw-object-type: Normal
ETag: "7014cca771dfaf9b9609865a0e638ea9"
x-amz-request-id: tx0000000000000307e14f5-0063700fbc-c669cc6-sfo1
X-Storage-Bucket: ze67c
X-Storage-Object: e67c46b7c9726236d618918ab0229b25ad415548a170125b98a542bbb9d897f4
X-Host: blu31.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94a390953f36bf9902cb9f04007c36c1
13535f16f207d4c19c1b6019757f6739a4531eeb
37d73300955a979e5b9d3dabc6e924c4e9734c6c63d92c42c709f8cb0d5aeabb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5902
x-amzn-requestid: 9c8be25c-9c96-4861-89c8-8b7bf06ffc16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNBrH2DoAMFqbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec20a-6c770a86581d1f7f4599684f;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: T6_3oJ8lEFeYF3wFDvIVfSRZbILHdbpDuAd50fwkzcYji2yVLUQkmQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:44:57 GMT
age: 85350
etag: "13535f16f207d4c19c1b6019757f6739a4531eeb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-232949_orig.jpg
200 OK 63 kB URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-232949_orig.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 920x1173, components 3\012- data
Hash 163ccbb97251ae4c04d84783c55f0706
09a1e993bcf4dc99bbbb1eae835b362e160f2a62
813881045c1d867bd03af4d0cd6d230970756842cf549c0dacddd10c2463201c
GET /uploads/4/0/9/1/40919919/img-20220305-232949_orig.jpg HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en; _snow_ses.4293=*; _snow_id.4293=d23bd231-fd2c-4288-8ebd-434c76413ac1.1668288440.1.1668288440.1668288440.c5b8f4bd-2f6a-4e1e-a403-a3301edc346b; _ga_B5CHRBSZLL=GS1.1.1668288440.1.0.1668288440.60.0.0; _ga=GA1.2.1973145146.1668288440; _gid=GA1.2.1553746629.1668288441; _gat_www.filipinoprivatedutynurseonline.com=1; distinct_id=9749731_1668288441453_1211; _fbp=fb.1.1668288441555.318861835; site_session=63700fba6b9328.11764797; trustedsite_visit=1; trustedsite_tm_float_seen=1; bk_cart={%22t%22:%22fake_cart_token_9749731_1668288441436_8532%22%2C%22s%22:[]%2C%22a%22:[]%2C%22i%22:[]}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:27 GMT
Content-Type: image/jpeg
Content-Length: 62914
Connection: keep-alive
Last-Modified: Sat, 05 Mar 2022 15:38:04 GMT
x-rgw-object-type: Normal
ETag: "163ccbb97251ae4c04d84783c55f0706"
x-amz-request-id: tx0000000000000306062cc-0063700fbf-c696eea-sfo1
X-Storage-Bucket: z8138
X-Storage-Object: 813881045c1d867bd03af4d0cd6d230970756842cf549c0dacddd10c2463201c
X-Host: grn64.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-232752_orig.jpg
200 OK 0 B URL HTTP/1.1 www.filipinoprivatedutynurseonline.com/uploads/4/0/9/1/40919919/img-20220305-232752_orig.jpg
IP
GET /uploads/4/0/9/1/40919919/img-20220305-232752_orig.jpg HTTP/1.1
Host: www.filipinoprivatedutynurseonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 21:27:20 GMT
Content-Type: image/jpeg
Content-Length: 75890
Connection: keep-alive
Last-Modified: Sat, 05 Mar 2022 15:37:50 GMT
x-rgw-object-type: Normal
ETag: "c4df269922dbde4103aa7133e2210c99"
x-amz-request-id: tx00000000000002f749bff-0063700fb8-c6aed46-sfo1
X-Storage-Bucket: za072
X-Storage-Object: a072a54474fc935010f2f6e6df53501dcfa528095b6546737886086af275a884
X-Host: grn66.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext
IP
GET /css?family=Oswald:400,300,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 21:27:19 GMT
date: Sat, 12 Nov 2022 21:27:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1659042403
200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1659042403
IP
GET /js/site/main.js?buildTime=1659042403 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filipinoprivatedutynurseonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 00:22:09 GMT
etag: "6361b831-74804"
expires: Wed, 16 Nov 2022 12:41:25 GMT
cache-control: max-age=1209600
x-host: grn82.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 21:27:19 GMT
age: 895554
x-served-by: cache-sjc10059-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 3960, 1
x-timer: S1668288440.867129,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2
199.34.228.159
23.36.77.32
151.101.85.46
104.21.91.43
93.184.220.29