belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&utm_source=newsletter&utm_medium=mail&utm_campaign=&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
151.101.66.159301 Moved Permanently 162 B URL HTTP/1.1 belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&utm_source=newsletter&utm_medium=mail&utm_campaign=&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
IP 151.101.66.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/cmd.php?bx_sender_conversion_id=53034&utm_source=newsletter&utm_medium=mail&utm_campaign=&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: 2klz4jifsf
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Sun, 23 Oct 2022 06:29:06 GMT
X-Served-By: cache-bma1673-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1666506546.283112,VS0,VE124
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3828
Expires: Sun, 23 Oct 2022 07:32:54 GMT
Date: Sun, 23 Oct 2022 06:29:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 05:52:50 GMT
Expires: Sun, 23 Oct 2022 06:06:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wL0dDVG7KHLhbN0pwqEBV-tjdb5P_jc8scux2-mljoMYO0RlW77MSA==
Age: 2176
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4910
Expires: Sun, 23 Oct 2022 07:50:56 GMT
Date: Sun, 23 Oct 2022 06:29:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0QF8u7Vx4M4nmtea+eiLD26QKHPMphPPkNhvVRiLHBP2FTLWIFX66XdouJNCq68OmIcvQBf4dd4=
x-amz-request-id: 61XFGX5560N5DBJF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 05:37:51 GMT
age: 3075
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 06:29:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 05:43:40 GMT
Expires: Sun, 23 Oct 2022 06:21:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 55YPMi_Xww6Mvu747hO6UOqwaLNVeT_o50frv6sdKrg4yp1P6G10xQ==
Age: 2727
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1067
Cache-Control: max-age=93325
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:07 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 08:24:32 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.238.202.79101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pwK6Pzi1UBJBj4M6J0lsAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kL0gqnWtkHppeljrHmQ39L8O6VM=
belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
151.101.66.159404 Not Found 8.5 kB URL HTTP/2 belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
IP 151.101.66.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9606)
Hash 1e917691a8e484fa01b0ddc1b53ff84c
a134a2efdba93e260ff29a11c654c07df2c9ef83
36d9204a7d4e29b4df20688678393f3d9b539d5b06e14feba54bef41f4ce6a45
GET /wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://belindalogan.com/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: 2klz4jifsf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666506547.594199,VS0,VE1462
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 8500
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1
151.101.66.159200 OK 2.1 kB URL HTTP/2 belindalogan.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1
IP 151.101.66.159:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash 981cb58e6a5b52533a99b2b9b36fa401
43f8fe9e96aaebb512ba014e0ed7888d01c82707
6a2ee63270789000b09db69fda23e814970ba5f1ff128722183df07732ad0417
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 14:52:10 GMT
etag: W/"6352b21a-28c3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.152724,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2146
X-Firefox-Spdy: h2
belindalogan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
151.101.66.159200 OK 14 kB URL HTTP/2 belindalogan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 151.101.66.159:0
File type ASCII text, with very long lines (43771)
Hash 1047dd6779111ec73736abd71a40fef9
e08643922ce9a1a488f2a72c0341807f59f7528e
d85287eacda4e97356cf1b53ec765e34c8913558d6fb485b334debf78c89a3bf
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15b64"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 2klz4jifsf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.152640,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13906
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/nrdly-books/css/styles.css?ver=6.0.3
151.101.66.159200 OK 446 B URL HTTP/2 belindalogan.com/wp-content/plugins/nrdly-books/css/styles.css?ver=6.0.3
IP 151.101.66.159:0
Hash 6af3ce3ec531763dafc553e7c0edfad2
4b1f68b3f4163cc0a77500caf5c904bd7d4219b7
656a0a87785e2e5b484167ed659aae625679600d4e3aafd8b4518f53d1799f9e
GET /wp-content/plugins/nrdly-books/css/styles.css?ver=6.0.3 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 14:51:46 GMT
etag: W/"6352b202-448"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.153592,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 446
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1
151.101.66.159200 OK 30 kB URL HTTP/2 belindalogan.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1
IP 151.101.66.159:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 025e582a85e34eba0b58aaa26776ca19
7db4a057021041c0c6240e88b743d551b052fa8d
04717cd81c021fd107742a0b7f27bf7c42e69f106e5fe002a175446931a228fa
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 14:52:11 GMT
etag: W/"6352b21b-384e1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.152969,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 29961
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/nrdly-courses//css/styles.css?ver=1666363908
151.101.66.159200 OK 591 B URL HTTP/2 belindalogan.com/wp-content/plugins/nrdly-courses//css/styles.css?ver=1666363908
IP 151.101.66.159:0
Hash f308f1aed21b8a90edc0bca2da766f0e
fb3f46aa28c6ae6c9e000ac11d28d2164f1cffe0
5b346b346e7feebdd521dc9d7757f958568b7e013c7c758331bb9a2815c9f1e2
GET /wp-content/plugins/nrdly-courses//css/styles.css?ver=1666363908 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 14:51:48 GMT
etag: W/"6352b204-5d4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.155135,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 591
X-Firefox-Spdy: h2
belindalogan.com/wp-content/themes/nrdly-original/stylesheets/css/style.css?ver=1666365891
151.101.66.159200 OK 16 kB URL HTTP/2 belindalogan.com/wp-content/themes/nrdly-original/stylesheets/css/style.css?ver=1666365891
IP 151.101.66.159:0
Hash 11393e818e8b9d40c1cd4be6bd25c238
b350710bc4014e1f970ea3ee8da4482ba006b82e
e7a78f92fce593e665e0b35eb5c673dcd0630158991d596d189a968faf1e1687
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nrdly-original/stylesheets/css/style.css?ver=1666365891 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 15:24:51 GMT
etag: W/"6352b9c3-13140"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.157337,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 16379
X-Firefox-Spdy: h2
belindalogan.com/wp-includes/css/dashicons.min.css?ver=6.0.3
151.101.66.159200 OK 37 kB URL HTTP/2 belindalogan.com/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 151.101.66.159:0
File type ASCII text, with very long lines (58981)
Hash 004101af9c3befba2e10d525146a727f
077953fb6eed94ca90e8b301ec23fa9d0308587f
1fcba3a13205f4a577119cfebcb57d9c5519956f8e972c7fb8d9ce4fca557206
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-e688"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 2klz4jifsf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.158004,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 36596
X-Firefox-Spdy: h2
belindalogan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
151.101.66.159200 OK 34 kB URL HTTP/2 belindalogan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 151.101.66.159:0
File type ASCII text, with very long lines (65447)
Hash 22b0253c0ecce70e41e296d176b0d972
a161c363d2092739db21bfeb2cf23c980ec71580
181967b7928e133789c8edbb8bdcb73d44a0328d884b613f8ebfb182b4c3c52e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15db1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 2klz4jifsf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.159241,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34060
X-Firefox-Spdy: h2
belindalogan.com/wp-content/themes/nrdly-original/js/header.js?ver=1666365891
151.101.66.159200 OK 479 B URL HTTP/2 belindalogan.com/wp-content/themes/nrdly-original/js/header.js?ver=1666365891
IP 151.101.66.159:0
Hash a1dc2074ab38403430f6baa7fffb5709
9fb000c42064964eff40db849e099ca81de1b60c
b1ddf91b879c344b1626b1c8ba25004dadb532203762012ca230445f7593fc0e
GET /wp-content/themes/nrdly-original/js/header.js?ver=1666365891 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 15:24:51 GMT
etag: W/"6352b9c3-3c7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.160477,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 479
X-Firefox-Spdy: h2
belindalogan.com/wp-content/themes/nrdly-original/js/jquery.fitvids.js?ver=6.0.3
151.101.66.159200 OK 1.4 kB URL HTTP/2 belindalogan.com/wp-content/themes/nrdly-original/js/jquery.fitvids.js?ver=6.0.3
IP 151.101.66.159:0
File type HTML document, ASCII text
Hash 97fa2109b95905e7794f1944c6f16234
10061463f7b7450a1ab0f14a28fcb423155a3d14
ee3c1ef4f93942dcb9d0d5a5fba141710038ea376e09549d4d6cc56b5012c6ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nrdly-original/js/jquery.fitvids.js?ver=6.0.3 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 15:24:51 GMT
etag: W/"6352b9c3-d17"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.160624,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1398
X-Firefox-Spdy: h2
belindalogan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
151.101.66.159200 OK 4.4 kB URL HTTP/2 belindalogan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 151.101.66.159:0
File type ASCII text, with very long lines (11126)
Hash 24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 2klz4jifsf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.160492,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2
belindalogan.com/wp-content/themes/nrdly-original/js/jquery.modal.min.js?ver=6.0.3
151.101.66.159200 OK 1.8 kB URL HTTP/2 belindalogan.com/wp-content/themes/nrdly-original/js/jquery.modal.min.js?ver=6.0.3
IP 151.101.66.159:0
File type HTML document, ASCII text, with very long lines (4862)
Hash 3f9d6f6fee1fdf9d77a36623967c367c
b33cc726b2a41a19990d26ac3bdf84170ea247e3
a4063566fcbbe48edbb9eac48fc38b806d17c2e26aaa0d9191f267cd86a289e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nrdly-original/js/jquery.modal.min.js?ver=6.0.3 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 15:24:51 GMT
etag: W/"6352b9c3-1359"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.161397,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1774
X-Firefox-Spdy: h2
belindalogan.com/wp-content/themes/nrdly-original/stylesheets/css/jquery.modal.min.css?ver=1666365891
151.101.66.159200 OK 1.8 kB URL HTTP/2 belindalogan.com/wp-content/themes/nrdly-original/stylesheets/css/jquery.modal.min.css?ver=1666365891
IP 151.101.66.159:0
File type ASCII text, with very long lines (3201), with no line terminators
Hash c57acec0ecc3aed3517f88e466f4494e
5cb85064debd15584147d1479d30e71a24db5c38
9517cb25d5dc3f352c0e252372786256615773c98b802f8e7e504727b3d95b5e
GET /wp-content/themes/nrdly-original/stylesheets/css/jquery.modal.min.css?ver=1666365891 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 21 Oct 2022 15:24:51 GMT
etag: W/"6352b9c3-c81"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.155962,VS0,VE9
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1793
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0
151.101.66.159200 OK 3.7 kB URL HTTP/2 belindalogan.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0
IP 151.101.66.159:0
File type ASCII text, with very long lines (9115)
Hash 6a9c6fdacdf14b613d643f562fd41764
e41c68b535a83864dba54eedaa48a9c3332168c0
2066890038c65f8d4cdd90a2d0c755014fa443ccc5fa7ce33e72c75285292ef6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 14:52:42 GMT
etag: W/"6352b23a-2525"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.166515,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3675
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0
151.101.66.159200 OK 1.0 kB URL HTTP/2 belindalogan.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0
IP 151.101.66.159:0
File type ASCII text, with very long lines (1668)
Hash 7821acfdb8b6a9b7239c819e511d2037
bdff79427e23f820c2b219dad0d9a6763930c1dc
e8e9806a85797e1392e7d87132fbc9e411ba5e3838bce7ab1a178bc1fd721cfe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 14:52:41 GMT
etag: W/"6352b239-72a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.168948,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1000
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0
151.101.66.159200 OK 1.1 kB URL HTTP/2 belindalogan.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0
IP 151.101.66.159:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 25e23a802d20db87fcc1f06b03c1e8a2
f161cebfbad2f5eb07a2a9df1ce49cd7e7b2179b
c2a882653542c39ff9479ce69781d0cae503b3e03727d96ee61cfb203ca5942f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 14:52:42 GMT
etag: W/"6352b23a-b7a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.170108,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1086
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0
151.101.66.159200 OK 836 B URL HTTP/2 belindalogan.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0
IP 151.101.66.159:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b0099b2baa05980cbc24ac27a8e95be3
f72e3bab79d57be81440a23adcca469cd9f4506a
ed4794d311b177c5847a43b9e13df968a32153f4a45fa72d7ef8c9a0c00a11b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 14:52:42 GMT
etag: W/"6352b23a-85b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.169558,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 836
X-Firefox-Spdy: h2
belindalogan.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0
151.101.66.159200 OK 1.1 kB URL HTTP/2 belindalogan.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0
IP 151.101.66.159:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8871d4b6a802b8e8edc5730053aa997c
d39838f5c81eb52dcc3ffb87584b2365930af96f
6912b68af7b9d4a040ac738f58c1bba3886197af833fbc59215a35bbe77ac3bc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 14:52:42 GMT
etag: W/"6352b23a-bdd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.167241,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1145
X-Firefox-Spdy: h2
belindalogan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
151.101.66.159200 OK 5.5 kB URL HTTP/2 belindalogan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 151.101.66.159:0
File type ASCII text, with very long lines (15660)
Hash 17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-48b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 2klz4jifsf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666506548.217852,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5515
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiA.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17784, version 1.0\012- data
Hash 8d7a3f034881d1712b3325cc71425c10
9594f24367800a20297a96c2d4f957e62c63e207
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
GET /s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://belindalogan.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 02:55:44 GMT
expires: Sun, 22 Oct 2023 02:55:44 GMT
cache-control: public, max-age=31536000
age: 99204
last-modified: Mon, 11 Jul 2022 21:02:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inconsolata/v31/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2
216.58.207.195200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/inconsolata/v31/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash b4eb8749bd707af4c13348f55a24f5b0
f349d1a2c0ea9bd4cfc1b372ea4af692502a9b9a
5d5476afa39f08490e9c4e1844eb25fd5c1fd71169e360b44e1398ee5ecece40
GET /s/inconsolata/v31/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://belindalogan.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 01:47:34 GMT
expires: Sun, 22 Oct 2023 01:47:34 GMT
cache-control: public, max-age=31536000
age: 103294
last-modified: Mon, 11 Jul 2022 18:59:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 06:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
belindalogan.com/wp-content/themes/nrdly-original/nrdly-logo-white.png
151.101.66.159200 OK 6.4 kB URL HTTP/2 belindalogan.com/wp-content/themes/nrdly-original/nrdly-logo-white.png
IP 151.101.66.159:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 735603d692700a63a337af3e593cadae
f1ab961943a49a69e36b99627afa94b557da5593
61f5ddee472cec389a257112f5aa787a1472e1622db991a36feaae2d62bfab6f
GET /wp-content/themes/nrdly-original/nrdly-logo-white.png HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 21 Oct 2022 15:24:52 GMT
etag: W/"6352b9c4-1bc4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:08 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666506548.165295,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6448
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4284
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 06:29:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4284
Expires: Sun, 23 Oct 2022 07:40:32 GMT
Date: Sun, 23 Oct 2022 06:29:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0675dc4be3e7a62f7083f4b34e5959
f6c43d035774306f3622029fb6a2c9d44086a3f8
56153c1a09bbf2a2d0079fe15ee54733460bbce7572d6b1b66972a0e00123b1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080f3444-90ed-495b-96d4-2db78eb397df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7588
x-amzn-requestid: b6a2786a-7863-49b7-b96f-09b94c44dcdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRm0GRfIAMFVcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462f8-58ef725d7c9a71fc0c90a86d;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jtZFCDkxgLwr6JRka5OuVuFcxmZH4sNWrhT_kx1DkFTSN3NQ9NUu0Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
etag: "f6c43d035774306f3622029fb6a2c9d44086a3f8"
content-type: image/jpeg
age: 31532
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59238334-9f45-421d-9067-ed59fbf8b0b6.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59238334-9f45-421d-9067-ed59fbf8b0b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a47128c87b628846400333388bd8326
b0d44fc160f020dba7782d1ffd3995b93bceb909
77123eae8c61d6ad061d2a0720b608d34ca9ed59e274ecb6824e5fc30a997505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59238334-9f45-421d-9067-ed59fbf8b0b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10292
x-amzn-requestid: fca5e428-9855-4891-bc80-5ff5a7c29ca0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aDVCRHlRIAMFgdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634acedb-140b0cdc0d2d814e4ee53ef7;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 15:16:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uuzjffiuDYZObYZ1pP6_ndGpUxpxM3AVamvctTfVkDIv9fxF-0RZUg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 03:09:44 GMT
age: 11964
etag: "b0d44fc160f020dba7782d1ffd3995b93bceb909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed49abb7a64c9f0717ac283b30bff8b
0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3
ddb5ed6e7b818593ac9819be0a8d376e26ef3b45b417f00ce1d7dbee47465bec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4746
x-amzn-requestid: fa85cf46-7cea-439e-92d5-db3875ff4479
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIQpNFk5IAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634cc7d4-245cdd691d0c415d508421ce;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 03:11:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _-h7oz6Zv1P40jltqN71dpyrUJG_HzVJS8gKby0vgdkaNJ4ljXUwCg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 15:25:14 GMT
age: 54234
etag: "0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bcadefe69587d4ab5bf5ff9e71eb5cab
066fb94a6ae38e57d67001cc319eea17f837d511
45b175a2cecee90b2d0efc16c4139686ffcf34bfac9084fe9e5e1c926dc1330c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10036
x-amzn-requestid: b1f0e0b9-6fc6-4b7c-a9b0-55845cdfd2d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abR9aEvjIAMF22Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63546388-72742b3a1279d76e2e842930;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e-Q7z6QYQB1CGZ57JUJIf6l7Ofu9nGkF-ONfTrXJb6MMegchNYMqWQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:36 GMT
etag: "066fb94a6ae38e57d67001cc319eea17f837d511"
content-type: image/jpeg
age: 31112
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebab98ee9ab567348e2c31cccdbc62c2
6c453568c39d65380ebcf7151b5383994b864abe
e9bf601eb67aa9778b326e7568f990352d9bfa574da283e879e62e9a2dddb2fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6821
x-amzn-requestid: 05d1de38-a072-4392-b1c6-a07f7d67fbf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMGWZGH-IAMFVzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e50f5-3868ae460a52caa178d8ff2f;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:08:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q0jfZigs37oi_sofHLQimt37uujfVdoqz2kLm26FgF5i1ziagz3noQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:09:09 GMT
age: 33599
etag: "6c453568c39d65380ebcf7151b5383994b864abe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319c9a70bded148097c378aee2e5e7e3
9815cabee697f91758b3d6049b33b6e6372fc69e
511dfb789ee7031302e0b18761854b93b47a7113d7a6a1a8ee16b3f1e425786b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8344
x-amzn-requestid: 563c255f-62bf-4038-92e0-ffb869de9acd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRkFHUUIAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462e6-34b76ac446e96214580e6fe6;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ODC-cdFkM2mIQFcZjYm_ECZjhrFEewsJxzlZXisEt8l8GYnD4KuKEg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 31532
etag: "9815cabee697f91758b3d6049b33b6e6372fc69e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
belindalogan.com/wp-content/uploads/2021/06/cropped-favicon-32x32.png
151.101.66.159200 OK 755 B URL HTTP/2 belindalogan.com/wp-content/uploads/2021/06/cropped-favicon-32x32.png
IP 151.101.66.159:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6071c8705a109ab3399161470e175435
cc0e82d1985147c9b3474d6e02864ac26222332a
c13baa27b1dceb8bdc294169ad165648f74433433efbfd6ab708cb4ab8a202e1
GET /wp-content/uploads/2021/06/cropped-favicon-32x32.png HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 16 Aug 2021 14:25:53 GMT
etag: W/"611a7571-2d7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:09 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666506549.636407,VS0,VE364
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 755
X-Firefox-Spdy: h2
belindalogan.com/wp-content/uploads/2021/06/cropped-favicon-192x192.png
151.101.66.159200 OK 4.1 kB URL HTTP/2 belindalogan.com/wp-content/uploads/2021/06/cropped-favicon-192x192.png
IP 151.101.66.159:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash d1ac7dc33393f4d5baa07f772257f1a6
5e7ca26884ca073d80833d030c790ed30562920c
f62db8250b94fa1791962f4aa9400360cc0cb3c1a143f80e0fb5f3e1eaabdca1
GET /wp-content/uploads/2021/06/cropped-favicon-192x192.png HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 16 Aug 2021 14:25:54 GMT
etag: W/"611a7572-1074"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 2klz4jifsf
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:09 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666506549.636179,VS0,VE483
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4129
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inconsolata:wght@400;500;600;700&family=Inter:wght@700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Inconsolata:wght@400;500;600;700&family=Inter:wght@700&display=swap
IP 142.250.74.10:0
GET /css2?family=Inconsolata:wght@400;500;600;700&family=Inter:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://belindalogan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 06:29:08 GMT
date: Sun, 23 Oct 2022 06:29:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
belindalogan.com/?wc-ajax=get_refreshed_fragments
151.101.66.159200 OK 0 B URL HTTP/2 belindalogan.com/?wc-ajax=get_refreshed_fragments
IP 151.101.66.159:0
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: belindalogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://belindalogan.com/wp-content/cmd.php?bx_sender_conversion_id=53034&sign=f512e57005e01b174a86cdb33af8c17c8aa82589ad6f61a380f9b346cef1a779
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://belindalogan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://belindalogan.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: 2klz4jifsf
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 23 Oct 2022 06:29:09 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666506548.386250,VS0,VE801
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
X-Firefox-Spdy: h2