ce4c58d96fb69c26eed60f376ae92a059de29f1a4100b6c82aca05487c2d8b42

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
14/05/2024, 11:39 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

415b9b87711a649549132d12a9b1c918_JaffaCakes118.html
Size

52KB
MD5

415b9b87711a649549132d12a9b1c918
SHA1

88c7f2fb3d68e50fd7fc1296d573cbe44daafe07
SHA256

ce4c58d96fb69c26eed60f376ae92a059de29f1a4100b6c82aca05487c2d8b42
SHA512

8042a7ccd8fd1a4401857d374a9bda9fc13a16ecc292461df2df27c53146c76df8a874649fe31ae7bb609ef13dc4aaeb0e7870d12fcdee5a5205f11e8e51b32d
SSDEEP

1536:Ab3zZiOe5n0ghNxgefN3MU39DMglNJfXwJ0:68Oe50geefR9Dt+J0

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1848	msedge.exe
1848	msedge.exe
544	msedge.exe
544	msedge.exe
532	identity_helper.exe
532	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe
544	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 544 wrote to memory of 4468	544	msedge.exe	81
PID 544 wrote to memory of 4468	544	msedge.exe	81
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 3968	544	msedge.exe	82
PID 544 wrote to memory of 1848	544	msedge.exe	83
PID 544 wrote to memory of 1848	544	msedge.exe	83
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84
PID 544 wrote to memory of 4732	544	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\415b9b87711a649549132d12a9b1c918_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcaaf146f8,0x7ffcaaf14708,0x7ffcaaf14718
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
  2⤵
  PID:4732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
  2⤵
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1
  2⤵
  PID:972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,11307104660137157764,14034191073767622345,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:3540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3868

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3920

Network

DNS

s.w.org

msedge.exe

Remote address:

8.8.8.8:53

Request

s.w.org

IN A

Response

s.w.org

IN A

192.0.77.48
DNS

flossinseconds.com

msedge.exe

Remote address:

8.8.8.8:53

Request

flossinseconds.com

IN A

Response

flossinseconds.com

IN A

104.21.46.54

flossinseconds.com

IN A

172.67.223.226
GET

http://flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:02 GMT
Location: https://flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64Ae%2BuFIZ%2FEQvFVwPGyHBZ5%2Fo6etoxe4I3xJLefD4yybPTvyZx1sD%2FPYV42BZ5CZYUV2yEM2rKWwRPaYP5E68pMqW6MRIspeC5XSRYpSyPMNva8wyAMQE419VNrwUbrbgKikKOc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c724ca1776e-LHR
alt-svc: h3=":443"; ma=86400
GET

http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:03 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:03 GMT
Location: https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8E4mwp3qZAF%2FZnVgFjHsYORfSdmJB6zAFFc%2FsoUNq3lawWSB3dBFkK2H0DS4yZUqc%2FEQivJ9NAgAj3dMqOYTlqup4ias3CjHYdqT3r1jsjaL%2FWi9Cx0b7EPjtuPmrfl12%2B6DGI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c77dbb8776e-LHR
alt-svc: h3=":443"; ma=86400
GET

http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:03 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:03 GMT
Location: https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00fknzXFNFeZ8rEEQF03S%2FONkZBv0uZMYIPUX%2FLWSJ%2BYYA2w2vI%2BDdCrV%2FEITtuLk%2F4Ij%2FWV7n2c%2FcldP0J51Is2YjejmG14Bg34i6B7eINYuyeIdkEDqb6VLmMKGVE%2BGZUpj7U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c788c8e776e-LHR
alt-svc: h3=":443"; ma=86400
GET

http://flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-content/themes/twentyseventeen/style.css?ver=4.9.4 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:02 GMT
Location: https://flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYtxxOxTTw3J%2B9DuuzBRoaiD6CUg35Cj7R7Eb2u6jjNZc2ic9Ky2ipqCPQv7YvCBIdUk2IyQ1ygcH%2B6S%2BGgOw8fftuSwFAqHFgCkOvX5BSqjGR6%2BAkZNgxoS5w3GXpXZD0KJXVY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c724975dd23-LHR
alt-svc: h3=":443"; ma=86400
GET

http://flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-includes/js/wp-embed.min.js?ver=4.9.4 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:03 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:03 GMT
Location: https://flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vygZwCzvuTn0BZQlUvHMXNppSEou6In112h%2Fjh4W5cwlnEyZx8SE8UzNApUMgz5e0aP%2FuwqMn7UssZWwREoxlFGNwVCAvj7sBjTjnVRrv6bKQTa5Imof%2B6S5WQ6AaoQzH0D%2BuWI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c78892edd23-LHR
alt-svc: h3=":443"; ma=86400
GET

http://flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:02 GMT
Location: https://flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKD1FM1cyun7Gkq%2BQMxIINmuW5mvEFv%2BzXHv6LOWAIxiugdcBM1yjzeBUc%2FtJzhbg5jgLhDBiiobxyylXRKEmTscEOea0HWlYz4ojjxCyO1jL7QOrlKPaYAc4ErFWmp9n0dDr9g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c724f50d17c-LHR
alt-svc: h3=":443"; ma=86400
GET

http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:03 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:03 GMT
Location: https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EUzz739Bn24WjNhnieyIW3UyuVqIB8imHf5AzXYdNDU6%2B51Jhe3mAWCaguT0BZCYJtPjXlu5jnBosItb8MNeLBuUv%2B5hDkartyzIjJDyn%2FhrA5VRNAaQSjF65GE9Tu2o%2BQWf4g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c788803d17c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-content/themes/twentyseventeen/style.css?ver=4.9.4 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:02 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OrPpt%2BVWIDUvoYvY9suGyRIf6f0ednRp4OdbNBX44ZaUNdQDWzJqo1G93KjOP2GC3hUHVkBZi72sqHjMAuKuxljXzGgCFfDXBf6iA%2Bp7kh1niB4MYEX9NWwxIEUTzqK6fF4jiyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c72dd8d8862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:02 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dirXpfVM3J8EwLM%2FWBIfMt%2BqqYlMbAepbbmmQrafUiYHvbJ3DHup7ewhYiJbDBY9AQsQHqMXJSaNWm8lLG0t%2Bi7ve2FGfIKVulLL8q05%2FPw7ObSZekA%2FgKk3BVsi%2F9lyLOWYqZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c72dd8f8862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:02 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8R9VVCG1QwJIcgJV8kpiwlFFBpGdav0mN1vNqtKQSg2SJRr7rUsIpjd3LBZYcVvDrGX9WYrgFiWfGVKetd7Cl4zq0Uhe0MDbqF6M4I4R3q9QWw160xpw6TOB6XXKCOJ%2B0MbpQcQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c72dd8c8862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:03 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJnyfbsgsfQ38iyND0jmwUCoWtS8PK2E%2Bv7cW%2FA1GdDjJo8p%2BBOsbCXYvVFX%2BmDsO7wFgK1z55LGVeRvf4uvfvi9TztLLCZaXOOuar7AciL3Qne%2FqWy%2BhsSVbYpIR2G0pVyHR1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c77fcd18862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-includes/js/wp-embed.min.js?ver=4.9.4 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:03 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUEgD86XmmxpDu47FIZIHUs9IeXxB7M6IvS1DhxTgnEpWYNKW0UaDFD9y0ErORNkPA%2FKt3OXIQXLovKrklDGYH%2FcQcAOL3iU2wT3hCVHi%2Bhy6Q6GYBej6jr4D%2FpGVZvR2cWZtTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c792e468862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:03 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7YJizTd2Te%2BLbhuzoATy2S%2Bs9bsQUYL32iP%2BufcjKtZ8Dy3tWLO1igKgKrd8P11TzYPb0zLobeJfLTU%2FboHghvFKvs90QkLEvgkQlsTeMTDIgGSfVAl%2BdNi1fP0V0y4jilpbuM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c793e578862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:03 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eo3EU0E0WL%2F2uFAi1EHusNqo1%2Bvs%2FDLgHNzM%2BWH14pX%2FXIXQ8TekWU5RLNqb6DSjmWTi%2F4xfpqABytaorjM0q6NCPnzuiqG8NlNt6Ix6dlMVty7FKTZW14rPhfQlZYvNFfbiAPQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c793e5a8862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.4 HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:03 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36bYStuJM1onSW8RrhwndozrABeBVNjPo5OUVZZ%2BSVquGXl0p3a9fOrLZuAnGzELKrNj2isF6SAXTT1RpynPYm8XbVVuTuzSPjgmAu9rrOgOep%2Bp52fsW%2F0RhqUTa7E%2BanjBrUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c793e588862-LHR
alt-svc: h3=":443"; ma=86400
GET

https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

msedge.exe

Remote address:

104.21.46.54:443

Request

GET /wp-content/themes/twentyseventeen/assets/images/header.jpg HTTP/2.0
host: flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 14 May 2024 11:40:03 GMT
content-type: text/html
content-length: 167
location: https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
cache-control: max-age=3600
expires: Tue, 14 May 2024 12:40:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7ZPRCE1xy7HrjrB%2FPkCWquw5I2fgFbzD3gK41jboM22TK%2B51SRJ4mHng1yWPOOBGoXcPIjntlPXDZPWpDLoxrv%2Ba4ZYRswepo0ft1wH1EwtfVFM6Aj%2F8%2FrIplCAfPrwAHHX0sY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 883a9c793e558862-LHR
alt-svc: h3=":443"; ma=86400
DNS

www.flossinseconds.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.flossinseconds.com

IN A

Response

www.flossinseconds.com

IN CNAME

d2s2lmhnxj3jws.cloudfront.net

d2s2lmhnxj3jws.cloudfront.net

IN A

18.172.89.52

d2s2lmhnxj3jws.cloudfront.net

IN A

18.172.89.81

d2s2lmhnxj3jws.cloudfront.net

IN A

18.172.89.24

d2s2lmhnxj3jws.cloudfront.net

IN A

18.172.89.78
GET

https://www.flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-content/themes/twentyseventeen/style.css?ver=4.9.4 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwMnxEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1E0T0dJMU5HTXdPQzB6Wm1FMUxXWTNZV1V0WlRNeE1pMWxOV1UxWXpCaE1ESmpNVE09fOgRt2gRfeF7dhXwbto35n85tE_SYIsNGOnMXtTUm880; Path=/; Expires=Fri, 17 May 2024 11:40:02 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=f2f142db-acc0-47f9-a527-2ef15b12050a; Path=/; Expires=Thu, 13 Jun 2024 11:40:02 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686802753.833997939; Path=/; Expires=Sun, 09 Jun 2024 17:40:02 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:02 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 6fVEOLkf74LX7D430cX2wDi_L7zfjoUQDE2aoRhKvdhAFR8kNGVniw==
GET

https://www.flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwMnxEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1F6TmpRd05HUTBNeTAxTkdGbExUY3lZV1l0T1RneE5pMHlOakUwTjJFMU1EQm1aV1E9fBVBDCYFFpRGOmxozfJwdgtFaR4HbIX-GgjYcgNUmibv; Path=/; Expires=Fri, 17 May 2024 11:40:02 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=c6b461fe-e79e-4288-80d4-9531b9c8db3d; Path=/; Expires=Thu, 13 Jun 2024 11:40:02 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686802753.1065660258; Path=/; Expires=Sun, 09 Jun 2024 17:40:02 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:02 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: zUfE_Qw2DO58tqMIE_N-kPjM5MNyWMPueFqDsEZe4uYMP-F0kT-EwA==
GET

https://www.flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwMnxEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1EzTW1ZMU5qbGxNQzAxT1RreExUWXhNR010T0dNellpMDNNak5tTXpoaE1qSTJOR009fLRKCo4NcuN40qfYYC2RM-0Hb-Cc95O1jpGPbj6nyuWd; Path=/; Expires=Fri, 17 May 2024 11:40:02 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=96abb4ce-c6ed-4357-be8a-e19fbfd93648; Path=/; Expires=Thu, 13 Jun 2024 11:40:02 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686802753.1097638636; Path=/; Expires=Sun, 09 Jun 2024 17:40:02 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:02 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: Q1-LozH1CXjbAWy18jzkchbd5sh_I9yy31MKS4qUF9jKAVXR8G0F8Q==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwMnxEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3xbnFBWZq0-v4X2liVTBHw8OgHw5bJpBbB0ZqxZnbqFIg==; Path=/; Expires=Fri, 17 May 2024 11:40:02 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwMnxEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1EzWVRsak1XVTROQzFtWkRnMExXRTFNRGd0TkRBek9DMDBaalUwT1dZeE1UVmlNbUk9fOVheFhoqU_B1YVX6ukRhmwgdmxm2RJykXcTWAkiDvkf; Path=/; Expires=Fri, 17 May 2024 11:40:02 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=9f947746-7a2c-4310-ad30-291e626699d8; Path=/; Expires=Thu, 13 Jun 2024 11:40:02 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686802928.1152373628; Path=/; Expires=Sun, 09 Jun 2024 17:40:02 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:02 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: yVzeyVaMBkfJ9ZEiggWX6wcstVxbFd7nPbgw060f5AfYU0omT3JUUw==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3zqazY7jG_L0-FC7sArmfBY2ATrdCKSUC7Tpsrlu48_tg==; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1JpTlRVd05tUTFZeTAxWkdNMExUazFZamt0WkdWallTMHpNVGRqTWpRMVlUVmtabVE9fLsFFbtjeraT4yuM-gRDxF75SgAu-8rxbhiOssi_pE10; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=b226f162-0a3b-412e-9cbe-495354522a2a; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803110.1125849852; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: eAZw1oHcqCGerFOxr3pdS_CAIN-IDmX_pOp5jW4JQ1g9Lb1wrGG99A==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3zqazY7jG_L0-FC7sArmfBY2ATrdCKSUC7Tpsrlu48_tg==; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1F4TWpRNU5XUmlPUzFsTldKaUxXRTRZV1l0TldNMk1DMWpOekpoWWpCak9EQXdNREE9fO8nUpoZ8S2CVcn2PPG_NF7aOvomTLrDkEUuOrJYnktW; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=11903754-debc-4d52-b3e5-16c79c9a5033; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803217.790730759; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: bwGCg1DvQNOrujRsyHqzJ6kDDJzEeKO27xMDoBadC5qVVVcQjwUgYg==
GET

https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1JrWkRZek4yTmlOeTFtTm1FNExUTXpaR1l0T0dZeVpTMHhNRE5oTVRFMk1UWmpOelU9fCTQDKaHu24odWDaabNnmOnO_HTOI-twYLUnkkiKQLqm; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=171f3b4e-1bbf-44a7-9d7b-4091867dd37b; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803269.831340884; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 5PLOGubKuviuoN2fhsgrc_sk3-L_6A610AHgRMENkC89j3HOQq8WAA==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3zqazY7jG_L0-FC7sArmfBY2ATrdCKSUC7Tpsrlu48_tg==; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1JpTmpaaU5tVXhNaTB4TVROaUxUbGlNVEl0T1dSa01DMHpPREkzWkRrME0yVmpaR1E9fIT7sd7hcqxu6YuVbjYRpCMThq5TzigLBPI43P6WHPZk; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=2c233ac6-29a2-4202-ab52-d5ef00b3160e; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803512.512411459; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: TPJm3I1dh_kh28nDn20hij3gMmZky-c0cM8lWR747ZBKCQ0gNxtfFg==
GET

https://www.flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-includes/js/wp-embed.min.js?ver=4.9.4 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1JpWVdaaVpUYzVNQzB3TkRKbExXRXhaVGN0WVRZNVlpMDVPVE01Tm1FM1ptTTBaRGs9fBbC_pIdqdhqqP1PZh3MFdXoouonKbsrveJgz7_Zk3_o; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=4fdfe80c-b194-4c22-8d1b-d4772bd8c3a8; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803542.1208966286; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: wlC_v4wGBl4XYSM6-2JIyB7t4Kbx2lEvpgd5QOGyx3n9lxkGYjzZ9A==
GET

https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-content/themes/twentyseventeen/assets/images/header.jpg HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1JtT0dObU9HSmtaQzFtTmpJNExXRTBNVGd0WVRBME1DMHpPRGRtTVRCak4yWmtNamM9fHvA_Zl9lt_6Kaze9gGpKCf5M3Fzh79lKYt81od2ZbPQ; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=22400f08-130e-4823-9c2f-4271aa85acd8; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803545.1223367104; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: n0IqDyP7lYBU-wx--WDyjdcsZ1eNu7p99fYq7WdEYJcwReYhi_qVJw==
GET

https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1JoT1RRNE5XUmpZUzFoT0dJekxUTTJNREF0TVdZNVppMDBOakZoTnpNMk5XTTVPVE09fAyg21OKeHbTIQFcD_MxOlkFCerMhBXwBfa3INNDqxnn; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=199b75ef-d500-4957-89d8-46665cc4a31c; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803545.1094512496; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: czhPVsWQ5fIkdWMHHdfdu6fnw26HVxBn7X495G5B7UUlaNtFG2SANQ==
GET

https://www.flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.4 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1F6TlRReU9HWmhZUzAzWWpNM0xXWm1PRE10WVdGaU5TMDNPVGd3T1RBNVpXTmxObVU9fAUsAe75_MrlBPyX8wa5JuvGIB0pUWCsOHWkMLHxlh_x; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=0e8ec031-79ea-463e-8877-1b4874cd5c35; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803546.722921456; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 0aNSAwJrlEq0VRVicAyzZ3zn_K6-5vWYznEzN3ibWOgwM_md9wwt0w==
GET

https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 303

content-type: text/html; charset=utf-8
content-length: 36
location: /notfound
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1EwTnpNNU5XSXpaQzFsTVRVMExUUTJOakV0WVdFM09TMDVZMlk0WXpjMFlqUTRNbUU9fNntyScGqxshXjyV6Cu_76eTa0tw7JopE99e8e_U6gtG; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=2d9a3545-c99e-41e4-8060-b3c8eaa4f22d; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803546.1150433201; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: qrCkyvwUDEXDy8nwZuHPrAR9w6rtMLIQs8I3CF85WQ7VcZ9ej-YIrg==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3zqazY7jG_L0-FC7sArmfBY2ATrdCKSUC7Tpsrlu48_tg==; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1F5WVRZNFpXSTVNaTFqT0RnM0xUUTFPR1V0Tmpjek15MDROV1EyWXpBM01UY3lOVEk9fGxY0ovC8zGx84qBTjYLGxblM4e7X0ZNGrhiLtWhJYeX; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=a26628bf-f519-463d-b6d1-7cea2a97d2f2; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803642.791965575; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: DE7Bnf_CyejQgqvvpYc_gy_ymbuMsVXWI8lAjm_UhHnPIpYiKevTXg==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3zqazY7jG_L0-FC7sArmfBY2ATrdCKSUC7Tpsrlu48_tg==; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1EwTWpFd04yWXdOaTAzTXpkaUxXRTVOV0V0TVRWaE1DMHdaams1T1dFd05EUTFNek09fFJKxJLSvlSuhgjQPLBURbyXGb6lhEbnd7O441w73k_X; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=5cc32f64-e243-41d4-897f-7502afa685c9; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803748.1120490132; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 9pndOGi7q9Q78xI4d6zfeRciAZnyQAwEjbY9GIniyL7ULAnhsJU1Hw==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3zqazY7jG_L0-FC7sArmfBY2ATrdCKSUC7Tpsrlu48_tg==; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1ExT1RsbVpqZzBOUzB4TlRjNExUSTVZbVl0TTJFek1DMDBPV1F5T1dObU9EWXhaV1U9fJw7Fisz44_D9NyvmwmbqoK5Z6W4yEqU6vs6o3g3Pv4n; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=0a85e3c3-f0f4-4542-8034-cf965d2fb448; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803854.1078765107; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 6earymREO11Se3_4IiIMr5dlzh38f2X3t8Z4nYjksWslz-0EG-_X3g==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3zqazY7jG_L0-FC7sArmfBY2ATrdCKSUC7Tpsrlu48_tg==; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwM3xEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1EyT1dReU1ERTJOaTB3TmpBeExXWTFOR010WVdZNVppMDFPR1l4WVRrek4yUXlaR009fEpYSsuytNHAM0DDc5rtR9HFoCiYgGF4EVycaMJ8yhO-; Path=/; Expires=Fri, 17 May 2024 11:40:03 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=8fd328d4-bcbc-4637-a4d6-1dff5bdf362d; Path=/; Expires=Thu, 13 Jun 2024 11:40:03 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686803966.1284030038; Path=/; Expires=Sun, 09 Jun 2024 17:40:03 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:03 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: JP8wOHup0-qwcXxUfzeYWuziywnctszxDvGossACxLY2I6qMDbE04Q==
GET

https://www.flossinseconds.com/notfound

msedge.exe

Remote address:

18.172.89.52:443

Request

GET /notfound HTTP/2.0
host: www.flossinseconds.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 413
content-encoding: gzip
set-cookie: _session=MTcxNTY4NjgwNHxEdi1CQkFFQ180SUFBUkFCRUFBQUxQLUNBQUVHYzNSeWFXNW5EQXNBQ1hKbGRIVnlibDkwYndaemRISnBibWNNQ3dBSkwyNXZkR1p2ZFc1a3wvG704xMe49RfSrLD1LcyCLsw8W6TLFMyWr34xTEA7Qw==; Path=/; Expires=Fri, 17 May 2024 11:40:04 GMT; Max-Age=259200
set-cookie: _lsession=MTcxNTY4NjgwNHxEdi1CQkFFQ180SUFBUkFCRUFBQVFfLUNBQUVHYzNSeWFXNW5EQWNBQlZOVlZVbEVCbk4wY21sdVp3d21BQ1EyTWpKbVpUUmpaQzAwWXpaaExXSmlPV0l0TWpVeFlpMWlOVGd3TUdWaE9HTXhZekE9fFt8pmDuMobLiAbpS7qCwgg_6UILeekFeJrXOv4r_TpQ; Path=/; Expires=Fri, 17 May 2024 11:40:04 GMT; Max-Age=259200
set-cookie: locale=en; Path=/; HttpOnly
set-cookie: uid=313d0b28-9599-415a-bf9a-3f1c82cb7868; Path=/; Expires=Thu, 13 Jun 2024 11:40:04 GMT; Max-Age=2592000; HttpOnly
set-cookie: _fbp=fb.1.1715686804072.548957905; Path=/; Expires=Sun, 09 Jun 2024 17:40:04 GMT; Max-Age=604800; HttpOnly
set-cookie: publish2_publish_scheduled_time=; Path=/; HttpOnly; Secure
set-cookie: pubilsh2_publish_draft_content=false; Path=/; HttpOnly; Secure
vary: Origin
date: Tue, 14 May 2024 11:40:04 GMT
x-cache: Miss from cloudfront
via: 1.1 9bdf9e651e9c38c45493ae2dfd52e636.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN51-P1
x-amz-cf-id: 6VfK0KCkdSEXOKwPcsUFMCQ0Oy9wQO7FHVg45s0iHaZ_AHm1v_92vg==
DNS

69.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.31.126.40.in-addr.arpa

IN PTR

Response
DNS

163.20.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.20.217.172.in-addr.arpa

IN PTR

Response

163.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f1631e100net

163.20.217.172.in-addr.arpa

IN PTR

par10s49-in-f3�J

163.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f3�J
DNS

138.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.178.250.142.in-addr.arpa

IN PTR

Response

138.178.250.142.in-addr.arpa

IN PTR

par21s22-in-f101e100net
DNS

54.46.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

54.46.21.104.in-addr.arpa

IN PTR

Response
GET

http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-content/themes/twentyseventeen/assets/images/header.jpg HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:03 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:03 GMT
Location: https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNjTalmkkCqTVoNi8ijSyx0QCL8%2Ff9L7eqym8iArqSTQxfSVRyUiWeiVopfu8y4Z5HoebY%2F6fkLbkU8kA4SZJwA04TOPDQn9zM6cRWssRfCIvt3smp2yC%2BNlSCn0G3ShpaD4pAo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c78afb32406-LHR
alt-svc: h3=":443"; ma=86400
GET

http://flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4

msedge.exe

Remote address:

104.21.46.54:80

Request

GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.4 HTTP/1.1
Host: flossinseconds.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Tue, 14 May 2024 11:40:03 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 12:40:03 GMT
Location: https://flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5tJahaZZ1pHRJ%2BtH%2Bbhhsv%2BKyqKxYnfGLtd4cV3801iE4WR7JG3WuThGlf%2BaRkvCkdZ4Kwv9e8d9AEiknKmLCcOAyzStdEeWnbfSli42fGH%2BQa7HY8VjbPUi%2BWTUtNWaursQeQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883a9c78aa1f4188-LHR
alt-svc: h3=":443"; ma=86400
DNS

52.89.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.89.172.18.in-addr.arpa

IN PTR

Response

52.89.172.18.in-addr.arpa

IN PTR

server-18-172-89-52man51r cloudfrontnet
DNS

55.81.224.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.81.224.13.in-addr.arpa

IN PTR

Response

55.81.224.13.in-addr.arpa

IN PTR

server-13-224-81-55man50r cloudfrontnet
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
GET

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

Remote address:

88.221.83.224:443

Request

GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1107
date: Tue, 14 May 2024 11:40:04 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.dc53dd58.1715686804.26b2d840
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

224.83.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

224.83.221.88.in-addr.arpa

IN PTR

Response

224.83.221.88.in-addr.arpa

IN PTR

a88-221-83-224deploystaticakamaitechnologiescom
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

91.65.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.65.42.20.in-addr.arpa

IN PTR

Response

104.21.46.54:80

http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0

http

msedge.exe

1.6kB
3.1kB
12
9

HTTP Request

GET http://flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

HTTP Response

301

HTTP Request

GET http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0

HTTP Response

301

HTTP Request

GET http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0

HTTP Response

301
104.21.46.54:80

http://flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4

http

msedge.exe

1.2kB
2.1kB
10
7

HTTP Request

GET http://flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4

HTTP Response

301

HTTP Request

GET http://flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4

HTTP Response

301
104.21.46.54:80

http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

http

msedge.exe

1.2kB
2.1kB
10
7

HTTP Request

GET http://flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

HTTP Response

301

HTTP Request

GET http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

HTTP Response

301
104.21.46.54:443

https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

tls, http2

msedge.exe

3.4kB
12.0kB
37
41

HTTP Request

GET https://flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4

HTTP Request

GET https://flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

HTTP Request

GET https://flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

HTTP Response

301

HTTP Response

301

HTTP Response

301

HTTP Request

GET https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0

HTTP Response

301

HTTP Request

GET https://flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4

HTTP Request

GET https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

HTTP Request

GET https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0

HTTP Request

GET https://flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4

HTTP Request

GET https://flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

HTTP Response

301

HTTP Response

301

HTTP Response

301

HTTP Response

301

HTTP Response

301
104.21.46.54:443

flossinseconds.com

tls

msedge.exe

943 B
4.6kB
8
7
104.21.46.54:443

flossinseconds.com

tls

msedge.exe

931 B
4.6kB
9
7
18.172.89.52:443

www.flossinseconds.com

tls, http2

msedge.exe

1.1kB
6.2kB
11
11
18.172.89.52:443

www.flossinseconds.com

tls, http2

msedge.exe

1.1kB
6.2kB
11
11
18.172.89.52:443

https://www.flossinseconds.com/notfound

tls, http2

msedge.exe

4.8kB
30.1kB
56
72

HTTP Request

GET https://www.flossinseconds.com/wp-content/themes/twentyseventeen/style.css?ver=4.9.4

HTTP Request

GET https://www.flossinseconds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

HTTP Request

GET https://www.flossinseconds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

HTTP Response

303

HTTP Response

303

HTTP Response

303

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Response

200

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Response

200

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Request

GET https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0

HTTP Response

200

HTTP Response

303

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Request

GET https://www.flossinseconds.com/wp-includes/js/wp-embed.min.js?ver=4.9.4

HTTP Request

GET https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

HTTP Request

GET https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0

HTTP Request

GET https://www.flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4

HTTP Request

GET https://www.flossinseconds.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

HTTP Response

200

HTTP Response

303

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Response

303

HTTP Response

303

HTTP Response

303

HTTP Response

303

HTTP Response

200

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Response

200

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Response

200

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Response

200

HTTP Request

GET https://www.flossinseconds.com/notfound

HTTP Response

200
104.21.46.54:80

http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

http

msedge.exe

775 B
1.2kB
8
6

HTTP Request

GET http://flossinseconds.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

HTTP Response

301
104.21.46.54:80

http://flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4

http

msedge.exe

715 B
1.2kB
8
6

HTTP Request

GET http://flossinseconds.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4

HTTP Response

301
88.221.83.224:443

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

tls, http2

1.4kB
6.3kB
16
11

HTTP Request

GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

HTTP Response

200

8.8.8.8:53

s.w.org

dns

msedge.exe

53 B
69 B
1
1

DNS Request

s.w.org

DNS Response

192.0.77.48
8.8.8.8:53

flossinseconds.com

dns

msedge.exe

64 B
96 B
1
1

DNS Request

flossinseconds.com

DNS Response

104.21.46.54

172.67.223.226
8.8.8.8:53

www.flossinseconds.com

dns

msedge.exe

68 B
175 B
1
1

DNS Request

www.flossinseconds.com

DNS Response

18.172.89.52

18.172.89.81

18.172.89.24

18.172.89.78
8.8.8.8:53

69.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

69.31.126.40.in-addr.arpa
8.8.8.8:53

163.20.217.172.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

163.20.217.172.in-addr.arpa
8.8.8.8:53

138.178.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

138.178.250.142.in-addr.arpa
8.8.8.8:53

54.46.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

54.46.21.104.in-addr.arpa
8.8.8.8:53

52.89.172.18.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

52.89.172.18.in-addr.arpa
8.8.8.8:53

55.81.224.13.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

55.81.224.13.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

26.35.223.20.in-addr.arpa
8.8.8.8:53

224.83.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

224.83.221.88.in-addr.arpa
224.0.0.251:5353

517 B
8
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

91.65.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

91.65.42.20.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\999df8c9-8364-4b6c-93d0-b69909a81868.tmp

Filesize
6KB

MD5
84fcaecbad040b5431e33fc375453998

SHA1
53796102451f62b7e636eeb25604d07e5126db07

SHA256
491f8ae1e92ed58b5b1ffc244bca9adb0a79622aa286c8d070f6937b48ec58b6

SHA512
a9c9974a911096cd3eb44cec00ec101e5ffafcd375b44f74994332d036cb21221f886c82b033ccb262878ad57f2f60670e2d9573129b1d9319494b44455fae12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
465B

MD5
b03ef393816cfe134ccbec6902b3a1a2

SHA1
128d75249f61df99c44a21c85a76e74d0c71f62f

SHA256
1f86183dcfff26775d1162ca053a1add862c58bb2291246acc2338b623203a07

SHA512
dbe54985b28452fbbcdf3fb7b714b38eb43c8f49d6a070269706cc7da26f83ce43576364ca0729fb7e349e62493e64cf2d9ce980532e0d38fa54f3347f9a3d5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
169542aab39fa42dc98445288aa301bf

SHA1
5d75066a38f91c54ff8402bbd053df85a9b068ba

SHA256
864dc25077a1a5909d083d01eb3707345fdcf4a18401f2289025337ab69a51a1

SHA512
3b324f39bb05039cce3ddb37fe611ad4963beed2397e847ea83a211a187b82058d125fa0bd46a1f6538db2770b340086595e67de262a10c4f980f8d73bde429c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
493616d7b02d2845a92545125edf583e

SHA1
701a4153f333cde47be0f0f575fc5f2bc27f76be

SHA256
80ddccc635b2c907b7d849399f3c0cb04309b808264f340a36940261e8da84b9

SHA512
c738e4176f50e6a94bbc14540dac3baf01b8fe63ea24cb87de76bbe75a066010dbd3773ffad089be72a70a0c5b56c87f82532d00dbbfcd4392511ee17d3df289

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
4595daf33a1d07b8e859b5010bdf1b49

SHA1
10590ca56980c021b8ce9b6968e0cac7828dac2e

SHA256
88b177b53f3473e249acdc7e9a201061b969a8f7c49362980cf660e17c63f0f7

SHA512
927b24a2881800d6418dafbefe37778ddcfb297714bf530b1e0f406206629577e4aa0e6fe3e5f6ad3339d509541085fc4aa2c2e8b15abd744ce96b8d78c20641

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
f2ebe9ac5f43ac1a19891c58578369c4

SHA1
40a3abf924002accc85d550c599f8430171116e4

SHA256
86b7442382df7fb73bfad1d55baa59e16f93ef198bed59debcc23ebb63e5e5a6

SHA512
fdf86a9a72de93a86c4196e223391d89c1876ad07dd49c8e7bca0c512164727fd98c9960b3681fa8c8913bbca73e95f52c4a955f68df86810caf9cb260e3a8a1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request