detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 01 Dec 2022 05:05:26 GMT
Age: 82120
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2b0d826d8f7c987b72f8ede318bb71f5
21dd77cf975d65b9a145ebe6427fb4ecb81bbf04
6fe868b4f9dfb6560614339d635518b1985a4a6745897084ab20fc40ec5b85f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FE868B4F9DFB6560614339D635518B1985A4A6745897084AB20FC40EC5B85F3"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11763
Expires: Fri, 02 Dec 2022 07:10:09 GMT
Date: Fri, 02 Dec 2022 03:54:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16309
Expires: Fri, 02 Dec 2022 08:25:55 GMT
Date: Fri, 02 Dec 2022 03:54:06 GMT
Connection: keep-alive
fantasylawnornaments.com/apisource.com/off33ice/login.php
66.115.173.183301 Moved Permanently 0 B URL HTTP/1.1 fantasylawnornaments.com/apisource.com/off33ice/login.php
IP 66.115.173.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /apisource.com/off33ice/login.php HTTP/1.1
Host: fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: PHPSESSID=318abfb43d0c62c97605c221f30bec6c; path=/
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
content-length: 0
date: Fri, 02 Dec 2022 03:54:06 GMT
server: LiteSpeed
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10779
Expires: Fri, 02 Dec 2022 06:53:45 GMT
Date: Fri, 02 Dec 2022 03:54:06 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 38 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 92e51760e65ee54533bb4b8065bf50f9
cda96f2272f4ccb410800cf311e651d903bebe2a
9738f6375edd4d8a3ee30b7cf4eb0739756bae181c631e2ab883fc0fad952960
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: I6ya4WrJ4Y5yXks2hGTEeokDBhc9pzkx8xdYZGwH1NU3VqY4oWQSIQ==
content-encoding: gzip
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:41:50 GMT
content-type: application/json
content-length: 38432
age: 736
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: b2yoEMAT1si42LrELUvOw3AcxS9NH4QaP/GQwevcuAnJksxE6Adztx8ga7Kt43tZ/GOOc83VP0c=
x-amz-request-id: QW65QEBV9DDCQBPS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 03:27:27 GMT
age: 1599
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6136
Cache-Control: max-age=116362
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:54:06 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:13:28 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 03:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2156
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:54:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 01 Dec 2022 05:05:26 GMT
Age: 82121
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b848497a03e34431bbb01e78ba1b3afb
8c0ae674910a9029b85d235f0f19e8173ef08c07
b69cf92f59b0dac9e4a9fb54b08642282fa9b383ebf16fb5a96396565af2b873
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6184
Cache-Control: max-age=143053
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:54:07 GMT
Etag: "6388ea84-1d7"
Expires: Sat, 03 Dec 2022 19:38:20 GMT
Last-Modified: Thu, 01 Dec 2022 17:55:16 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6138
Cache-Control: max-age=111300
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:54:07 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:49:07 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 03:08:57 GMT
cache-control: public,max-age=3600
age: 2710
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.fantasylawnornaments.com/apisource.com/off33ice/login.php
66.115.173.183404 Not Found 7.1 kB URL HTTP/1.1 www.fantasylawnornaments.com/apisource.com/off33ice/login.php
IP 66.115.173.183:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 2918a010045cbc43799c0019b60dd98e
1bc21a7edd423dbb97001ce0c69925c8703312fa
c6459ef2cc11394dd85193a4e672f67e1628e9f1f948d9e0db5c67145b22ce9e
Analyzer Verdict Alert fortinet Malware
GET /apisource.com/off33ice/login.php HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: PHPSESSID=951baaea61af3292988e1158df971679; path=/
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <http://www.fantasylawnornaments.com/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
35.82.2.166200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 35.82.2.166:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Fri, 02 Dec 2022 03:54:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
54.203.75.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2Rfoakn4DyUcqZublFXRTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n1+ev8Q1zvQ8oV2C22iMaBgzHY0=
fonts.googleapis.com/css?family=Yanone+Kaffeesatz:light,regular,bold&subset=latin
142.250.74.106200 OK 506 B URL HTTP/1.1 fonts.googleapis.com/css?family=Yanone+Kaffeesatz:light,regular,bold&subset=latin
IP 142.250.74.106:0
Hash d0156434883577c4d1b97543cc4ec6e9
75b25422392688a83007c2f478959c0d2f7d9509
a617cf8858c10f991152351a781af546585e407635b6f5e07abb7a4961df90f4
GET /css?family=Yanone+Kaffeesatz:light,regular,bold&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 03:54:07 GMT
Date: Fri, 02 Dec 2022 03:54:07 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=:&subset=latin
142.250.74.106400 Bad Request 794 B URL HTTP/1.1 fonts.googleapis.com/css?family=:&subset=latin
IP 142.250.74.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1650), with no line terminators
Hash 1c67bb958c90f874ea6830d6e3987248
f8d975f6cc0af522f741ca2386b82287e25fde0c
58088091bc8a4a5bfa1ca2a234c613dfa23f14d8bd34a2519dacf237126a2425
GET /css?family=:&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 02 Dec 2022 03:54:07 GMT
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
66.115.173.183200 OK 5.5 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
IP 66.115.173.183:0
File type ASCII text, with very long lines (654)
Hash c689a827de0410015fc4f6e6ab7c8c74
18064c9f6e376d895d5d0117ca910338824bde2a
e3cd3ef0b5cfd77f5052bb4960e6c25448fd22b5ab9969dc22239f150a56467d
GET /wp-content/themes/InStyle/style.css HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:07 GMT
content-type: text/css
last-modified: Tue, 23 Oct 2018 08:38:54 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5545
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/page_templates.css?ver=1.8
66.115.173.183200 OK 2.2 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/page_templates.css?ver=1.8
IP 66.115.173.183:0
Hash 541a176067aa8784b51478e6720b1a96
e5726a100d4fbef09b5fac83d1369de6110643a8
0abb25fb824b56f0ad885de28304c608f5b907b01e416085bb2474d5d396d535
GET /wp-content/themes/InStyle/includes/page_templates/page_templates.css?ver=1.8 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:07 GMT
content-type: text/css
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2175
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
66.115.173.183200 OK 4.2 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 66.115.173.183:0
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:07 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/js/superfish.js
66.115.173.183200 OK 1.5 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/js/superfish.js
IP 66.115.173.183:0
Hash d7da32bda0d3e9ef6c1dab8dee3fa069
69c929db929980bf903a46242bb5e7a94536681d
9ef7b9a3acd6b93c40e0f7686ba93a0a7ddd6a9cb166fb03ecb90814baa07ae7
GET /wp-content/themes/InStyle/js/superfish.js HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:07 GMT
content-type: application/javascript
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1521
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/epanel/shortcodes/css/shortcodes.css?ver=4.0.7
66.115.173.183200 OK 5.8 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/epanel/shortcodes/css/shortcodes.css?ver=4.0.7
IP 66.115.173.183:0
File type ASCII text, with very long lines (859)
Hash 22a048f99006501ff1963097e33021fa
b513dbaea605fa57259cec264bc5d9c566912bde
cb597645799f4f647e605af13afd3430abb1722c0db3d7d8a1727f86315be464
GET /wp-content/themes/InStyle/epanel/shortcodes/css/shortcodes.css?ver=4.0.7 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:07 GMT
content-type: text/css
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5779
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/magnific_popup/magnific_popup.css?ver=1.3.4
66.115.173.183200 OK 2.0 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/magnific_popup/magnific_popup.css?ver=1.3.4
IP 66.115.173.183:0
File type ASCII text, with very long lines (302)
Hash 1f1a27b5da5e93d27d3e766035dd5b6b
4c06c3738d554a06f4114dc2a9e89a3b15ea7346
5089106b162313217bbaa89fb49e9113d77736b62c64448b0257f12aa2aafd34
GET /wp-content/themes/InStyle/includes/page_templates/js/magnific_popup/magnific_popup.css?ver=1.3.4 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:07 GMT
content-type: text/css
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1992
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669936801912%22
34.102.187.140200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669936801912%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash c967c541823ec84bd282bfd35096ac22
b6ba860a5d5d135b88bf187e8db8f86a9fcdcaf0
947c50c743501db73503eaea046e8b8f03a4fb4e54d46b003c3d3cfdaf079b54
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221669936801912%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Fri, 02 Dec 2022 03:22:01 GMT
cache-control: public,max-age=3600
age: 1927
last-modified: Thu, 01 Dec 2022 23:20:01 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=:&subset=latin
142.250.74.106400 Bad Request 794 B URL HTTP/1.1 fonts.googleapis.com/css?family=:&subset=latin
IP 142.250.74.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1650), with no line terminators
Hash 1c67bb958c90f874ea6830d6e3987248
f8d975f6cc0af522f741ca2386b82287e25fde0c
58088091bc8a4a5bfa1ca2a234c613dfa23f14d8bd34a2519dacf237126a2425
GET /css?family=:&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 02 Dec 2022 03:54:08 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
www.fantasylawnornaments.com/wp-content/themes/InStyle/js/custom.js
66.115.173.183200 OK 1.4 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/js/custom.js
IP 66.115.173.183:0
Hash 6103389f746cfc707653592b761b0863
6adb8f3b8da9ca98f57bc7d54322ca4d55f67cb8
5c021ff515bfdca0e00fd677d5271bfda13ea2cc8ba1315d629af5b24f2005fa
GET /wp-content/themes/InStyle/js/custom.js HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1403
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
66.115.173.183200 OK 31 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 66.115.173.183:0
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:07 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 05:17:33 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 31046
date: Fri, 02 Dec 2022 03:54:07 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/jquery.easing-1.3.pack.js?ver=1.3.4
66.115.173.183200 OK 2.2 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/jquery.easing-1.3.pack.js?ver=1.3.4
IP 66.115.173.183:0
File type Unicode text, UTF-8 text, with very long lines (3199)
Hash 733f1bf9f01b901dd5e6e62f7a27b516
857ef93d394c253a055a91f72efbddd89b4d9a91
0ef321e9673494ed5c8b3792f557152f6506a5c40b70d05d17bc745208e6e3ac
GET /wp-content/themes/InStyle/includes/page_templates/js/jquery.easing-1.3.pack.js?ver=1.3.4 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2231
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/magnific_popup/jquery.magnific-popup.js?ver=1.3.4
66.115.173.183200 OK 8.5 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/magnific_popup/jquery.magnific-popup.js?ver=1.3.4
IP 66.115.173.183:0
File type ASCII text, with very long lines (21123)
Hash 49e85f8811a2782823b98719638642b4
966957c2857596e9be720a523d70fe86fd92013c
fbaebf46878c919d013658ed85ad754a71c122654a8a3b80963d121fe11b53c1
GET /wp-content/themes/InStyle/includes/page_templates/js/magnific_popup/jquery.magnific-popup.js?ver=1.3.4 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8452
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/et-ptemplates-frontend.js?ver=1.1
66.115.173.183200 OK 2.2 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/includes/page_templates/js/et-ptemplates-frontend.js?ver=1.1
IP 66.115.173.183:0
Hash 79ddc7aa266f685a5610e68a6405e6ca
8be8e84ad891874fcdeed802f5824dd372218378
41b66734e06d8ade8d9a2df96109509dfbebaf6c7930fb09ff602db32074fe27
GET /wp-content/themes/InStyle/includes/page_templates/js/et-ptemplates-frontend.js?ver=1.1 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2232
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
66.115.173.183200 OK 12 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 66.115.173.183:0
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 00:04:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12489
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669811837825&_since=%221666204638208%22
34.102.187.140200 OK 6.9 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669811837825&_since=%221666204638208%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (6883), with no line terminators
Hash 8a5e09f5fb8417b5618e87d18d325721
c48523de09554c2dcb2cd6241bfeeaaec2803fb8
515c738bf239a57be380cb1cfe70051112b0218858fcbc9843702c7801ea60be
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669811837825&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6883
via: 1.1 google
date: Fri, 02 Dec 2022 03:07:11 GMT
cache-control: public,max-age=3600
age: 2817
last-modified: Wed, 30 Nov 2022 12:37:17 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.fantasylawnornaments.com/wp-includes/css/classic-themes.min.css?ver=1
66.115.173.183200 OK 188 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-includes/css/classic-themes.min.css?ver=1
IP 66.115.173.183:0
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 05:17:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 188
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
66.115.173.183200 OK 5.0 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 66.115.173.183:0
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: grQo7pelQbUr/a6vMChgzENdYmks+sKW8rsTlrxfxrsxWHfS2Ri0MTIpytHh1xXhC76BLc2N5hc=
x-amz-request-id: 3Z3ZR0SACY57YW9Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 03:46:33 GMT
age: 455
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
216.58.207.227200 OK 26 kB URL HTTP/1.1 fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 25540, version 1.0\012- data
Hash 3dc72cae1a32e87b38144a702ba627e0
bfbc729a34b987cd06d20842c5049ac275ea4139
1c57101bb57275c8c8cafc5d6216131a378c4388a52656ed3770068cd0ab10b9
GET /s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.fantasylawnornaments.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25540
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:26:01 GMT
Expires: Wed, 29 Nov 2023 14:26:01 GMT
Cache-Control: public, max-age=31536000
Age: 221287
Last-Modified: Tue, 23 Aug 2022 18:11:50 GMT
Content-Type: font/woff2
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/search_btn.png
66.115.173.183200 OK 641 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/search_btn.png
IP 66.115.173.183:0
File type PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a406a9c34c0afdc6546c0d6ad06513f
54dd9b970ad699db3d44fd2d53d073009a63e092
1292a51bdc5e423066b90173bb1a81dbea6e5a17d2ba8b4f3e27f54881f2c2cd
GET /wp-content/themes/InStyle/images/search_btn.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 641
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/header-bg.png
66.115.173.183200 OK 148 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/header-bg.png
IP 66.115.173.183:0
File type PNG image data, 2 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash c0411a3faf181e61541080160ce68c6b
0b12e2b0e00c4b15ae24a5c2b1abe0ea2461098f
480a4c74db491f2b97121537b851620af97986ea2e21f05770f1b1f8a205163a
GET /wp-content/themes/InStyle/images/header-bg.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 148
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/content-top-bg.png
66.115.173.183200 OK 487 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/content-top-bg.png
IP 66.115.173.183:0
File type PNG image data, 960 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e99f6f21f6318e8256f7fcefe80c508
f3204e1a5cf249ce27f4a810b2ab6e76f986a380
6ac2bfcc8e69348cf4682e074dee15d52f7599dab6d01bbdbdda9b4a02ae2aeb
GET /wp-content/themes/InStyle/images/content-top-bg.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 487
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/search-bg.png
66.115.173.183200 OK 890 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/search-bg.png
IP 66.115.173.183:0
File type PNG image data, 197 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 0301195eece17454ba827966091353d4
4610ff97fe45be5643408db297b6cae38fad08ee
41d1cf1a9c120917617b8677b0da17a71cf7fa13b4a18e7f3db245f8e7f02e3c
GET /wp-content/themes/InStyle/images/search-bg.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 890
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/content-bg.png
66.115.173.183200 OK 163 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/content-bg.png
IP 66.115.173.183:0
File type PNG image data, 960 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash af5699a7cdc330a37ce7334bccd90952
cd0375f271d28eef9f814aeb8307937d29d2b3e4
77be369485125982dfc80b8007c0119848d1f834ae9510b820ba8ea07823edc7
GET /wp-content/themes/InStyle/images/content-bg.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 163
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669921742494&_since=%221666279968541%22
34.102.187.140200 OK 55 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669921742494&_since=%221666279968541%22
IP 34.102.187.140:0
File type ASCII text, with very long lines (54825), with no line terminators
Hash e23148e1ad911825865e8e615b1b582e
6a014f0c42c4552cb30edffdda68930faaa49dd3
ec7a7282313fe3a22ada1bf52391b3d253ea7edfefc337fcc4c237b042a356e7
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669921742494&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 54825
via: 1.1 google
date: Fri, 02 Dec 2022 02:55:40 GMT
cache-control: public,max-age=3600
age: 3508
last-modified: Thu, 01 Dec 2022 19:09:02 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.fantasylawnornaments.com/wp-content/uploads/2018/10/fantasylawnornaments.png
66.115.173.183200 OK 80 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/uploads/2018/10/fantasylawnornaments.png
IP 66.115.173.183:0
File type PNG image data, 883 x 292, 8-bit/color RGBA, non-interlaced\012- data
Hash 27f45035476504ae9cb4c0ab784e2b52
329eb3a4db2471462f7312a92fe6cac4e91ba72c
3594bd5189e776e3bbc2d000cf1fdc1e71b64f4f6fd6b55eb5aa95c2ef16ba3a
GET /wp-content/uploads/2018/10/fantasylawnornaments.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 15:41:24 GMT
accept-ranges: bytes
content-length: 80226
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: peqgvLvtzTO0hIkNEzVvhoCzQV0TSbFpNKZQZUHlRm/+tjWvvxqn26FMFeDuOT1eOjOt8SwGP5U=
x-amz-request-id: MD6WTQA19RQZ50M6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 03:47:06 GMT
age: 422
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.fantasylawnornaments.com/wp-content/themes/InStyle/fonts/ColabThi-webfont.woff
66.115.173.183200 OK 28 kB URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/fonts/ColabThi-webfont.woff
IP 66.115.173.183:0
File type Web Open Font Format, TrueType, length 27708, version 1.0\012- data
Hash f33d81419d220a7f3803938b35981afd
5dc51fcff0aebb04f65ef2d19683f1d47281d0ff
4448eb2c35dd1f8e8d7fc0063441eec8ce9a3931e23e9f9b941cbee45552cffe
GET /wp-content/themes/InStyle/fonts/ColabThi-webfont.woff HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: font/woff
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 27708
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/widget-separator.png
66.115.173.183200 OK 113 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/widget-separator.png
IP 66.115.173.183:0
File type PNG image data, 1 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash ef41288c179d7d159abb0eaf5ce5ee3a
8dc17a5b1f9cc5e6da05e8a25627862e66da5387
248885f72704fb3ed793d9c01d919b6d09d186c81de890e64d2dac81485c182d
GET /wp-content/themes/InStyle/images/widget-separator.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 113
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/sidebar-bullet.png
66.115.173.183200 OK 293 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/sidebar-bullet.png
IP 66.115.173.183:0
File type PNG image data, 7 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f60f77a4c6b6e74685bc8ef61454abb
389a7f5aa6f2ce3526cc423836388a1f187acdb1
8d972ce1a582e21e2bb51396a3f4b074b40a18c3ae23ce1af2a06d44918c7208
GET /wp-content/themes/InStyle/images/sidebar-bullet.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 293
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-content/themes/InStyle/images/content-bottom-bg.png
66.115.173.183200 OK 490 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-content/themes/InStyle/images/content-bottom-bg.png
IP 66.115.173.183:0
File type PNG image data, 960 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash e49bf5a848e04d2a380e1f5ac2be601b
38aa6126f3a1f21846e59576068d632864cf92ed
567af576e268b8e859f076f1e3382efafbbc821309c5a181480f2ba8e5cb4a3f
GET /wp-content/themes/InStyle/images/content-bottom-bg.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/wp-content/themes/InStyle/style.css
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 490
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
www.fantasylawnornaments.com/wp-includes/images/rss.png
66.115.173.183200 OK 608 B URL HTTP/1.1 www.fantasylawnornaments.com/wp-includes/images/rss.png
IP 66.115.173.183:0
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash a5b05bbf28f294b02efd942a4e5ab806
fd8211de3485d2ec75c242c6faa32a62e504f135
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
GET /wp-includes/images/rss.png HTTP/1.1
Host: www.fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/apisource.com/off33ice/login.php
Cookie: PHPSESSID=951baaea61af3292988e1158df971679
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/png
last-modified: Wed, 07 Nov 2012 18:49:10 GMT
accept-ranges: bytes
content-length: 608
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
34.102.187.140200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 5506ce693edc810aad75bdb6c06d2995
97d323e096862e4274b08587d81810fd86cc98f9
08f697c9426a4fb6003aaf14323813c55a82a6640db202c43011d2551f278970
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Fri, 02 Dec 2022 03:36:56 GMT
cache-control: public,max-age=3600
age: 1032
last-modified: Thu, 01 Dec 2022 16:36:43 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fantasylawnornaments.com/wp-content/themes/InStyle/images/clouds.jpg
66.115.173.183200 OK 110 kB URL HTTP/1.1 fantasylawnornaments.com/wp-content/themes/InStyle/images/clouds.jpg
IP 66.115.173.183:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1280x838, components 3\012- data
Size 110 kB (110200 bytes)
Hash 5cace25a36d6de495c83c82d34a7161c
33aad5b1a2f53810b525c362a4b176385c632e22
6cd573bbdd5a9d0c834bde2342613f000ca416d18c35206f8d0b64471bec78a2
GET /wp-content/themes/InStyle/images/clouds.jpg HTTP/1.1
Host: fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/
Cookie: PHPSESSID=318abfb43d0c62c97605c221f30bec6c
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/jpeg
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 110200
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
34.102.187.140200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1681), with no line terminators
Hash af79074b29e42f4e5be6b1e10e2af516
11fbd0f05beb0aaf0f0f7c699a124bbfff71be07
860c337ae66ebf02db30e18992dfddec6b9df1cab60d84fe3f061aa674d41be4
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1681
via: 1.1 google
date: Fri, 02 Dec 2022 03:34:01 GMT
cache-control: public,max-age=3600
age: 1207
last-modified: Thu, 01 Dec 2022 14:23:14 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fantasylawnornaments.com/wp-content/themes/InStyle/images/landscape.jpg
66.115.173.183200 OK 163 kB URL HTTP/1.1 fantasylawnornaments.com/wp-content/themes/InStyle/images/landscape.jpg
IP 66.115.173.183:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1280x838, components 3\012- data
Size 163 kB (162717 bytes)
Hash db4a6e760e70d33bad4551e106e3b637
0f33cc1012bbe24998e2e34caf2310aca16d1d74
4e35d85331cc0293682342ea99af4b02db6b037f804079a770ecc9ee5db100d9
GET /wp-content/themes/InStyle/images/landscape.jpg HTTP/1.1
Host: fantasylawnornaments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fantasylawnornaments.com/
Cookie: PHPSESSID=318abfb43d0c62c97605c221f30bec6c
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:54:08 GMT
content-type: image/jpeg
last-modified: Tue, 23 Oct 2018 08:38:53 GMT
accept-ranges: bytes
content-length: 162717
date: Fri, 02 Dec 2022 03:54:08 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669736690606&_since=%221666483264567%22
34.102.187.140200 OK 51 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669736690606&_since=%221666483264567%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (51208), with no line terminators
Hash 9afaeae9d1527c87128e50461d2a6ef5
bde6a4638ccd5cb5a276909de5ee7fd8dfbf1f92
457c31b4e64a3d3482a8800d0fecdfa79a444dbf9e3aea58787756922629f6b2
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669736690606&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51208
via: 1.1 google
date: Fri, 02 Dec 2022 02:31:23 GMT
cache-control: public,max-age=3600
age: 4965
last-modified: Tue, 29 Nov 2022 15:44:50 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
34.102.187.140200 OK 681 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash 01e6d8f0887454b033cd3d4cdb2f39f8
befee34a8f5c745b16752b061fdaa701e209ac8c
68f4889979f90605fd4fe35053efa202a5ced22b40bf321f51a2d7e97d49fbdc
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Fri, 02 Dec 2022 03:20:27 GMT
cache-control: public,max-age=3600
age: 2022
last-modified: Sun, 27 Nov 2022 16:36:54 GMT
etag: "1669567014153"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
34.102.187.140200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Hash b480aba9ecded00911f29a626460b51a
ab390c2fdec3566f044afc6441e0bead2c854c3a
045742eee1dfc1cb13696b18f5e657dac32df0bcac9650e85d623547cda6a393
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Fri, 02 Dec 2022 03:22:16 GMT
cache-control: public,max-age=3600
age: 1913
last-modified: Sun, 27 Nov 2022 16:36:43 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14901
Expires: Fri, 02 Dec 2022 08:02:30 GMT
Date: Fri, 02 Dec 2022 03:54:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14901
Expires: Fri, 02 Dec 2022 08:02:30 GMT
Date: Fri, 02 Dec 2022 03:54:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14901
Expires: Fri, 02 Dec 2022 08:02:30 GMT
Date: Fri, 02 Dec 2022 03:54:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14901
Expires: Fri, 02 Dec 2022 08:02:30 GMT
Date: Fri, 02 Dec 2022 03:54:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14901
Expires: Fri, 02 Dec 2022 08:02:30 GMT
Date: Fri, 02 Dec 2022 03:54:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 21853
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 20671
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 21910
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
34.120.237.76200 OK 1.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 367a113e3826442861c63ba501d2d67d
764f6910ecc1ee436a70aa83f5bd363c2e500341
5e5cc53aba99e68211c86a2fd83ac4a023d1c82875d60a09d52875ef129cbb71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 1654
x-amzn-requestid: 537d523f-a3fb-4514-bda5-ecc834c1ed39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgBEFNIAMFTjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dff-0c12ccea20e953c236ca2b1b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IXNpFJsiqPvrg8f-op2tcIVW2qoV7ZPm12wsTTXfYu0369N4Csy8BA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:56 GMT
age: 22753
etag: "764f6910ecc1ee436a70aa83f5bd363c2e500341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: c4ba3502-e191-40fa-8ae0-71dc6f733db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPjhHE8woAMFyKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382e606-70ab0e5523c91e5420efec78;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:22:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBn917CDV6DjSs9TAL2iBU0Rn8_f8ny1rAVXrbI9KML2P7pxusbdjA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:43:52 GMT
age: 617
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 21838
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2