r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Thu, 08 Dec 2022 08:41:55 GMT
Date: Thu, 08 Dec 2022 06:57:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3474
Expires: Thu, 08 Dec 2022 07:55:36 GMT
Date: Thu, 08 Dec 2022 06:57:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 06:08:09 GMT
content-type: application/json
age: 2973
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12108
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 06:57:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qdXY5Q9xlCB4jCm31xqTOAD9DOcylVjXBxSjUwhFrt88t5J2efrbhUNZJDd/AiCZSJMCHCCdgPA=
x-amz-request-id: 8B7FXHX7KD611TZH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 06:47:49 GMT
age: 593
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 06:57:42 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 06:07:58 GMT
age: 2985
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
eur01.safelinks.protection.outlook.com/?url=https://email.notify.thinkific.com/c/eJwVjkGKxCAQRU8Tdwm22mVq4aI3c41QljqR2ImTGAb69OPAh794PHjRPcBKo2DWswiOOClSIjvQKL0MJiAwL5YsEM7wnBFpMPLKIW75Zwwx0V3aCB49PE3iNNqPquf0plzE6nRCtCQTWK95BqOksYFZR46JwaAobm2tXoN-Deqrb63cPjV9T1wyb-ne91iuiY93Z0dtef-v1fhAa_uL09G20t6Lws3kJ4qiuSu3uPzG0q241PPoqOVj_wP6rknS&data=05|01|ITHelpdesk@ducab.com|d9da7d9415ed4b47baf708dad8d41e75|e336e1e36dbb452a93ebe753e23c7e55|0|0|638060702797824269|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=XR/rho3uzzEsfZokGu7pDG0W/azr8JAhoNEvujrbB24=&reserved=0
104.47.0.28 302 Found 410 B URL HTTP/1.1 eur01.safelinks.protection.outlook.com/?url=https://email.notify.thinkific.com/c/eJwVjkGKxCAQRU8Tdwm22mVq4aI3c41QljqR2ImTGAb69OPAh794PHjRPcBKo2DWswiOOClSIjvQKL0MJiAwL5YsEM7wnBFpMPLKIW75Zwwx0V3aCB49PE3iNNqPquf0plzE6nRCtCQTWK95BqOksYFZR46JwaAobm2tXoN-Deqrb63cPjV9T1wyb-ne91iuiY93Z0dtef-v1fhAa_uL09G20t6Lws3kJ4qiuSu3uPzG0q241PPoqOVj_wP6rknS&data=05|01|ITHelpdesk@ducab.com|d9da7d9415ed4b47baf708dad8d41e75|e336e1e36dbb452a93ebe753e23c7e55|0|0|638060702797824269|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=XR/rho3uzzEsfZokGu7pDG0W/azr8JAhoNEvujrbB24=&reserved=0
IP 104.47.0.28:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (338), with CRLF line terminators
Hash e620b253d09ee874bce6a3e8c024bd89
ed9c1f9b10351dfe15d457e73c9cf3d57a726d55
1dd6808f6e388c770b40e4168ffdbd7486db4cc219848b820814ce1af2c1fda1
GET /?url=https://email.notify.thinkific.com/c/eJwVjkGKxCAQRU8Tdwm22mVq4aI3c41QljqR2ImTGAb69OPAh794PHjRPcBKo2DWswiOOClSIjvQKL0MJiAwL5YsEM7wnBFpMPLKIW75Zwwx0V3aCB49PE3iNNqPquf0plzE6nRCtCQTWK95BqOksYFZR46JwaAobm2tXoN-Deqrb63cPjV9T1wyb-ne91iuiY93Z0dtef-v1fhAa_uL09G20t6Lws3kJ4qiuSu3uPzG0q241PPoqOVj_wP6rknS&data=05|01|ITHelpdesk@ducab.com|d9da7d9415ed4b47baf708dad8d41e75|e336e1e36dbb452a93ebe753e23c7e55|0|0|638060702797824269|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|3000|||&sdata=XR/rho3uzzEsfZokGu7pDG0W/azr8JAhoNEvujrbB24=&reserved=0 HTTP/1.1
Host: eur01.safelinks.protection.outlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://email.notify.thinkific.com/c/eJwVjkGKxCAQRU8Tdwm22mVq4aI3c41QljqR2ImTGAb69OPAh794PHjRPcBKo2DWswiOOClSIjvQKL0MJiAwL5YsEM7wnBFpMPLKIW75Zwwx0V3aCB49PE3iNNqPquf0plzE6nRCtCQTWK95BqOksYFZR46JwaAobm2tXoN-Deqrb63cPjV9T1wyb-ne91iuiY93Z0dtef-v1fhAa_uL09G20t6Lws3kJ4qiuSu3uPzG0q241PPoqOVj_wP6rknS
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 4.0
X-SL-GetUrlReputation-Verdict: Good
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
X-ServerName: HE1EUR01WS053
X-ServerVersion: 15.20.5901.014
X-ServerLat: 747
X-SafeLinks-Tracking-Id: 69374014-a465-4cf8-e872-08dad8e980b3
X-Powered-By: ASP.NET
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
Date: Thu, 08 Dec 2022 06:57:42 GMT
Connection: close
Content-Length: 410
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 925
Cache-Control: max-age=95072
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:43 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:22:15 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3a032547d1c7ac9803e04914e1ce2e7
a97b5e0518f9a40fda2d12251c860800592afdaa
7f3c52b19a3111d6317ccdaf1071e9f6a5b7b0acecbc01667c60a79ee69f3b4a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F3C52B19A3111D6317CCDAF1071E9F6A5B7B0ACECBC01667C60A79EE69F3B4A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10167
Expires: Thu, 08 Dec 2022 09:47:10 GMT
Date: Thu, 08 Dec 2022 06:57:43 GMT
Connection: keep-alive
email.notify.thinkific.com/c/eJwVjkGKxCAQRU8Tdwm22mVq4aI3c41QljqR2ImTGAb69OPAh794PHjRPcBKo2DWswiOOClSIjvQKL0MJiAwL5YsEM7wnBFpMPLKIW75Zwwx0V3aCB49PE3iNNqPquf0plzE6nRCtCQTWK95BqOksYFZR46JwaAobm2tXoN-Deqrb63cPjV9T1wyb-ne91iuiY93Z0dtef-v1fhAa_uL09G20t6Lws3kJ4qiuSu3uPzG0q241PPoqOVj_wP6rknS
34.86.85.56 302 Found 454 B URL HTTP/2 email.notify.thinkific.com/c/eJwVjkGKxCAQRU8Tdwm22mVq4aI3c41QljqR2ImTGAb69OPAh794PHjRPcBKo2DWswiOOClSIjvQKL0MJiAwL5YsEM7wnBFpMPLKIW75Zwwx0V3aCB49PE3iNNqPquf0plzE6nRCtCQTWK95BqOksYFZR46JwaAobm2tXoN-Deqrb63cPjV9T1wyb-ne91iuiY93Z0dtef-v1fhAa_uL09G20t6Lws3kJ4qiuSu3uPzG0q241PPoqOVj_wP6rknS
IP 34.86.85.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4122850b7b3548f185247c80d08d5cfe
9d46766324f9693af90c8970667c3fedaddd5891
4dc5c0a117f8926bb401563f9577f86b148e4a0d08d33059384112d7a380aae9
GET /c/eJwVjkGKxCAQRU8Tdwm22mVq4aI3c41QljqR2ImTGAb69OPAh794PHjRPcBKo2DWswiOOClSIjvQKL0MJiAwL5YsEM7wnBFpMPLKIW75Zwwx0V3aCB49PE3iNNqPquf0plzE6nRCtCQTWK95BqOksYFZR46JwaAobm2tXoN-Deqrb63cPjV9T1wyb-ne91iuiY93Z0dtef-v1fhAa_uL09G20t6Lws3kJ4qiuSu3uPzG0q241PPoqOVj_wP6rknS HTTP/1.1
Host: email.notify.thinkific.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-store
content-type: text/html
date: Thu, 08 Dec 2022 06:57:43 GMT
location: https://hpctzpfg.clickfunnels.com/optin1670391977703
x-robots-tag: noindex
x-xss-protection: 1; mode=block
content-length: 454
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.57.61 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lXees4sO+KBhS/LdD1fEiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UmxUmTEF8SW7V3kUvTyQrqPgQco=
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash cded971a6083abea5c1ef6291d83c97c
4ead035720ea6e35ed33e01d0b72b18615ed03d8
2619ed857382b1a059854d7e34f7a99a1f934f63e2bbdea106ee1880ab3ffefe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6454
Cache-Control: max-age=106708
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:43 GMT
Etag: "63906f85-116"
Expires: Fri, 09 Dec 2022 12:36:11 GMT
Last-Modified: Wed, 07 Dec 2022 10:48:37 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3334fdf917e935ba9d8b2eeba8e5cffe
117351b066025011e14ee1a9435982f666c3b869
06920b7da42ae1a0f2b35b0fb0b5b9c1653f37cf05768cbf4c1e02239619393b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 275
Cache-Control: max-age=172171
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:43 GMT
Etag: "6391875f-117"
Expires: Sat, 10 Dec 2022 06:47:14 GMT
Last-Modified: Thu, 08 Dec 2022 06:42:39 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.clickfunnels.com/assets/lander.css
104.16.16.194 200 OK 72 kB URL HTTP/2 app.clickfunnels.com/assets/lander.css
IP 104.16.16.194:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (53232)
Hash 74fb48107870d37dfd574e5f25e2c2e5
dc6a912b1a3660cff10ef4d425b3b47f88e9b0b4
37abbf2187fb7c9ba64517b94f8c7f554252231be5fa60c7ea1736e07d53cf34
GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: text/css
cf-ray: 77639bc9fa4cfab8-OSL
access-control-allow-origin: *
age: 122
cache-control: public, max-age=1200
etag: W/"637bf173-6a514"
expires: Thu, 08 Dec 2022 07:17:44 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/userevents/application.js
104.16.16.194 200 OK 2.1 kB URL HTTP/2 app.clickfunnels.com/assets/userevents/application.js
IP 104.16.16.194:0
File type ASCII text, with very long lines (5244), with no line terminators
Hash 124e739c09bd085f90596389281c8f37
0e331223dcb52e0c2fb5b8a2eaf4004f89d97010
b1afc12f0d5c9fd54e3acd54bf7385a767211e2ce62ea6538eab26c664c75fd7
GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: application/x-javascript
cf-ray: 77639bca3a65fab8-OSL
access-control-allow-origin: *
age: 520
cache-control: public, max-age=1200
etag: W/"637bf173-147c"
expires: Thu, 08 Dec 2022 07:17:44 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.106 200 OK 2.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.106:0
Hash 193f3c7dd83b0763911db614f7616d2d
89318bc6102cd00796f820c139ca0d29d6c1b0d8
b6bd6b1219a0f9e33d3d0c37be03016fbd7dc3a0aeda935545836109b303ca15
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 06:57:44 GMT
date: Thu, 08 Dec 2022 06:57:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 61e3d9d6a1d8215a72262cabeeba48a7
9bae804c95bc7930bfd4223c01eaecd249f56f59
194e20346762205c87deb74d2f1b2ff6143fbdf3ce3542dc4049f7071a03ac89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 95
Cache-Control: max-age=105042
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:44 GMT
Etag: "639081db-117"
Expires: Fri, 09 Dec 2022 12:08:26 GMT
Last-Modified: Wed, 07 Dec 2022 12:06:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
104.16.16.194 200 OK 5.3 kB URL HTTP/2 images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
IP 104.16.16.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d99a10ef5010513b3d30f7cf51614b5f
d60c1da11f05540f39632c7357c22b76c9ee1ed7
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
GET /3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: image/webp
content-length: 5276
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
etag: "a633777156a5ffeb58c92d3d59fa4e34"
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept
x-amz-id-2: mpfiofoz3/g51l0X59TmfRciwp2R2+klwKzL5vkyJWZPbOjzCzwQzX2/BNhT36HmjMtaLHBKOlM=
x-amz-request-id: 8H4XD9AS9YGT4H71
cf-cache-status: HIT
age: 1514
expires: Sun, 01 Jan 2023 06:57:44 GMT
cache-control: public, max-age=2073600
accept-ranges: bytes
server: cloudflare
cf-ray: 77639bcafab7fab8-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6392
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:57:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6392
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:57:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6392
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:57:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6392
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:57:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6392
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:57:44 GMT
Connection: keep-alive
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.133.15 200 OK 8.8 kB URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (26440)
Hash a5a7e146984c5d7b339aca9a939f00fb
35fee527d8d710569a63a4256f2fb22855fccbb7
a658e53cf5ba96ad68544ec26eef24c577d4b334c0980a54cc87c9c8fae74150
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: text/css
x-amz-id-2: WpVlr9E4LNAdFsXi6U7ITEvBAF0od/nY8z13ckAJA/I/wFoGHyoSwlXOyhWr8pqbj6dB1MeQp5k=
x-amz-request-id: CN86A7VHSM61Q680
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2140570
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rouo%2Fe%2Bx5Rrfk9a63o09bw%2FAWWZAZ0fcPB%2Bl5dnGSBFnn7cMDLeTmgJGTxgz%2BeDIeF940udG0JFceifrBrYUkRpLVecISGbcDGDxJeMtVZVVDC9SKeWB98dqcsM8drZdy4u9MIB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77639bcac9d50052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 32772
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 17:39:05 GMT
age: 47919
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9f7b9c77a99173619ee85d0cfa8e2f8
05ba0fab4533b9837dd8558ffa5eb168e974d2b3
17184aca15041d2770fe14397fc0ab87e5f8e9f910b557031ba7fbf1349b0b9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 04d9e95d-563e-4258-934e-add82f95a638
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGysEDmIAMFSIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851aa-426e37fb562dc25b3449311b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RspslnJzOcAHAL--VTgFJkFxb1PvLM6OHJmJUsdOKocI5ZPmJSLdoA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:16:43 GMT
age: 85261
etag: "05ba0fab4533b9837dd8558ffa5eb168e974d2b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 26665
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2019d3bc-b4a4-4afc-ad84-3ab33b8036ec.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2019d3bc-b4a4-4afc-ad84-3ab33b8036ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbdf939d23b987fd36a86b7a1258b10d
2cad45ad8e56699db3457501cf1e488fe85d479a
285a8a3d3ec439f493ca5d586477c3e3ed3b9e5d7a0133da73c426b69e112cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2019d3bc-b4a4-4afc-ad84-3ab33b8036ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10861
x-amzn-requestid: ad568a35-9eba-4c6d-a09d-97e518fbf503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gIFN4oAMFqrw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-434ca8281e48538e69e72e05;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4MrxT27cyrFqR70ofprhh4FbJAfVpKb787jT3TsH0l7BxQOf2tWh6g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 32772
etag: "2cad45ad8e56699db3457501cf1e488fe85d479a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 5f2493dbbc6f1de00118c8caffcf02ba
2ebd632a7369bac92e65873e2607ab15ccd6e0d1
cd686421d9640d11deb006c87f307be7072a5230901bc23e6a5bb5b802064b3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 708
Cache-Control: max-age=166146
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:44 GMT
Etag: "63916e26-116"
Expires: Sat, 10 Dec 2022 05:06:50 GMT
Last-Modified: Thu, 08 Dec 2022 04:55:02 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 278
d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
54.230.245.147 200 OK 9.0 kB URL HTTP/1.1 d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
IP 54.230.245.147:0
File type ASCII text, with very long lines (20564)
Hash a6acb97120359c326c8f7775a5514f5d
db0ba6a113b2bf753933f2b5d3451e55d7184c2d
bc1391ed0a7a70a24988c0464202bcf2f8f1a5f4d1465c8d5552471b13b90fba
GET /keen-tracking-1.0.3.min.js HTTP/1.1
Host: d26b395fwzu5fz.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 8994
Connection: keep-alive
Date: Sun, 11 Sep 2022 05:10:09 GMT
Last-Modified: Thu, 31 Mar 2016 04:24:33 GMT
ETag: "a6acb97120359c326c8f7775a5514f5d"
Cache-Control: max-age=31536000000, public
Content-Encoding: gzip
Expires: Fri, 31 Mar 2017 04:24:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 97z9mcLeI67tnmfSzYS6piylasOzzJ8bArzhNWbgyY7Rk93RSkg-ew==
Age: 7609656
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.130.137 200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 06:57:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 2351
x-timer: S1670482665.051505,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
hpctzpfg.clickfunnels.com/cdn-cgi/rum?
104.16.16.194 204 No Content 0 B URL HTTP/2 hpctzpfg.clickfunnels.com/cdn-cgi/rum?
IP 104.16.16.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: hpctzpfg.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 8239
Origin: https://hpctzpfg.clickfunnels.com
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/optin1670391977703
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTc0NTI4MzQ=:visited=true; cf:visitor_id=bc5d551a-d470-43e6-8944-a5a3997fccdb; addevent_track_cookie=ae2bb9ae-0477-4a34-991b-68fedfda12d2; cf_survey_participant_57452834=participant_mkm1v
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 06:57:45 GMT
access-control-allow-origin: https://hpctzpfg.clickfunnels.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 77639bd11d48fab8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.133.15 200 OK 16 kB URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (55782)
Hash 79db4cca493b001fbdc50bf3730c9aca
2a3323a3b0794772e36b8357cbe3cb73c1478864
914ca3076ae3b4d453c6c126dbeeb1d1c25ea5427a96ce8f53b9b50a9855c666
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: text/css
x-amz-id-2: cIB7RJR8YNkOt3c5odVNIsPWGanLxokh1zS2YvTVv7QSgKdKXNOroM5eyN2MvPjoE855Z9I1sPM=
x-amz-request-id: BCPBKD6BGPB27GGJ
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1014356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jygeyPPkVjeAou3AD0w6Dg2rtiWwdRqEtvJx%2B3C%2BdhQ8QKb5Is%2FkQ%2BP%2FaaxpRYNQf8msO%2BhTm4wOnJVVuk64VKWLSeRYsXAtbHgAOyJdsUiUkmeYZ1sHXKFo3Xj9KCJ9%2B4vrUV9R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77639bcad9de0052-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=b3lqOXZrMkk4WWc1UHRwUUhJdHZzQT09LS10dmhqcmducjNsMWszOGNOTC9MQnRRPT0%3D--de13995a426b9df684890d2b782b365a042edf7a&page_id=TUgwUzdFajZVTSszNG56bFNvU1FHdz09LS1mTmg2NllBSENqNG1BbEVGVWJUUWdRPT0%3D--b17ac0f8dcd25078de2cdc20a77d3bcd4a81a89e&funnel_step_id=UXFBbXE0VEhINjVTb3QvNEFxV29DUT09LS1WSjVYbjBFVC9sRVdIdlk0di9kZXF3PT0%3D--f445cc9822ab0d0515e750db952c38bc8c772e31&user_id=MDQ4dFNJU1hobnpMajZ4OHB2OG5xUT09LS1aUXQ1eUFpQktqSm9zeFVqT1UxSXRnPT0%3D--40c20b1310ee39e4bca1a22870b576908d7f0f90&account_id=WWV2cUozOXpDMnluNGVZK3FsRm1Sdz09LS1PZERkQlF0ZDNaQU43SnhFcy9qQnpBPT0%3D--39bfbc8b48fe5984e27eb6652e528fcfdc877cc2&page_code=NTc0NTI4MzQ%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=a139c4fc-cc85-4778-8e9f-c53fce3d2991&url=https%3A%2F%2Fhpctzpfg.clickfunnels.com%2Foptin1670391977703
104.16.16.194202 Accepted 2.2 kB URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=b3lqOXZrMkk4WWc1UHRwUUhJdHZzQT09LS10dmhqcmducjNsMWszOGNOTC9MQnRRPT0%3D--de13995a426b9df684890d2b782b365a042edf7a&page_id=TUgwUzdFajZVTSszNG56bFNvU1FHdz09LS1mTmg2NllBSENqNG1BbEVGVWJUUWdRPT0%3D--b17ac0f8dcd25078de2cdc20a77d3bcd4a81a89e&funnel_step_id=UXFBbXE0VEhINjVTb3QvNEFxV29DUT09LS1WSjVYbjBFVC9sRVdIdlk0di9kZXF3PT0%3D--f445cc9822ab0d0515e750db952c38bc8c772e31&user_id=MDQ4dFNJU1hobnpMajZ4OHB2OG5xUT09LS1aUXQ1eUFpQktqSm9zeFVqT1UxSXRnPT0%3D--40c20b1310ee39e4bca1a22870b576908d7f0f90&account_id=WWV2cUozOXpDMnluNGVZK3FsRm1Sdz09LS1PZERkQlF0ZDNaQU43SnhFcy9qQnpBPT0%3D--39bfbc8b48fe5984e27eb6652e528fcfdc877cc2&page_code=NTc0NTI4MzQ%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=a139c4fc-cc85-4778-8e9f-c53fce3d2991&url=https%3A%2F%2Fhpctzpfg.clickfunnels.com%2Foptin1670391977703
IP 104.16.16.194:0
File type gzip compressed data, from Unix\012- data
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /userevents/?funnel_id=b3lqOXZrMkk4WWc1UHRwUUhJdHZzQT09LS10dmhqcmducjNsMWszOGNOTC9MQnRRPT0%3D--de13995a426b9df684890d2b782b365a042edf7a&page_id=TUgwUzdFajZVTSszNG56bFNvU1FHdz09LS1mTmg2NllBSENqNG1BbEVGVWJUUWdRPT0%3D--b17ac0f8dcd25078de2cdc20a77d3bcd4a81a89e&funnel_step_id=UXFBbXE0VEhINjVTb3QvNEFxV29DUT09LS1WSjVYbjBFVC9sRVdIdlk0di9kZXF3PT0%3D--f445cc9822ab0d0515e750db952c38bc8c772e31&user_id=MDQ4dFNJU1hobnpMajZ4OHB2OG5xUT09LS1aUXQ1eUFpQktqSm9zeFVqT1UxSXRnPT0%3D--40c20b1310ee39e4bca1a22870b576908d7f0f90&account_id=WWV2cUozOXpDMnluNGVZK3FsRm1Sdz09LS1PZERkQlF0ZDNaQU43SnhFcy9qQnpBPT0%3D--39bfbc8b48fe5984e27eb6652e528fcfdc877cc2&page_code=NTc0NTI4MzQ%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=a139c4fc-cc85-4778-8e9f-c53fce3d2991&url=https%3A%2F%2Fhpctzpfg.clickfunnels.com%2Foptin1670391977703 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hpctzpfg.clickfunnels.com
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 202 Accepted
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: text/html
cf-ray: 77639bcdcbc5fab8-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 9045d417c2905f8aadab8b5011c484a8
x-runtime: 0.043200
set-cookie: __cf_bm=EGJl9gELw1lHbLsrmHf1LpQRbHannQ7ckDpAx6zaJ4M-1670482664-0-ASysDWucI2auH/PWGiNTCxBbty67ZJlBdUsFXEoK+Ql4OAvbZwv4yvirem8fm253HdGmBu1XscSap3OAA2DImVpjyIhhOzQbS+5BT+PncLnY; path=/; expires=Thu, 08-Dec-22 07:27:44 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
151.101.130.137 200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 06:57:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 2345
x-timer: S1670482665.352001,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.130.137 200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 06:57:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 150
x-timer: S1670482665.352406,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
www2.clickfunnels.com/favicon.ico
104.16.16.194 200 OK 2.7 kB URL HTTP/2 www2.clickfunnels.com/favicon.ico
IP 104.16.16.194:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash fafd2a2ba061fbd6612ed8ccc5e45676
9dae7800606788efba23541fcebcbace2bea935e
3ad1973a9787c43dc0c5c037e1280564940e9cd005ba199d3f70b60eb424769e
GET /favicon.ico HTTP/1.1
Host: www2.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:45 GMT
content-type: image/x-icon
cf-ray: 77639bd04ceafab8-OSL
access-control-allow-origin: *
age: 5758
etag: W/"637bf173-3aee"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=tNm7_kAAqCFCdhqmyXz673ikP747nVTt2Fu2IBD5bmY-1670482665-0-AS0HFbLTbmQ3TjlYMeV5ImZk3upIPeV8A8gJhOo8yR1-h8XNhFfFV4Dyrlt4GWaR42n4vctJb6glTNf5P62vv9CDEKbhPszNrONUcGVPefO3"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=tNm7_kAAqCFCdhqmyXz673ikP747nVTt2Fu2IBD5bmY-1670482665-0-AS0HFbLTbmQ3TjlYMeV5ImZk3upIPeV8A8gJhOo8yR1-h8XNhFfFV4Dyrlt4GWaR42n4vctJb6glTNf5P62vv9CDEKbhPszNrONUcGVPefO3; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3180&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703&ap=448&be=1507&fe=1102&dc=696&perf=%7B%22timing%22:%7B%22of%22:1670482661824,%22n%22:0,%22f%22:1242,%22dn%22:1244,%22dne%22:1273,%22c%22:1274,%22s%22:1276,%22ce%22:1304,%22rq%22:1305,%22rp%22:1482,%22rpe%22:1482,%22dl%22:1491,%22di%22:2182,%22ds%22:2203,%22de%22:2297,%22dc%22:2608,%22l%22:2608,%22le%22:2723%7D,%22navigation%22:%7B%7D%7D&fcp=2195&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3180&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703&ap=448&be=1507&fe=1102&dc=696&perf=%7B%22timing%22:%7B%22of%22:1670482661824,%22n%22:0,%22f%22:1242,%22dn%22:1244,%22dne%22:1273,%22c%22:1274,%22s%22:1276,%22ce%22:1304,%22rq%22:1305,%22rp%22:1482,%22rpe%22:1482,%22dl%22:1491,%22di%22:2182,%22ds%22:2203,%22de%22:2297,%22dc%22:2608,%22l%22:2608,%22le%22:2723%7D,%22navigation%22:%7B%7D%7D&fcp=2195&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3180&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703&ap=448&be=1507&fe=1102&dc=696&perf=%7B%22timing%22:%7B%22of%22:1670482661824,%22n%22:0,%22f%22:1242,%22dn%22:1244,%22dne%22:1273,%22c%22:1274,%22s%22:1276,%22ce%22:1304,%22rq%22:1305,%22rp%22:1482,%22rpe%22:1482,%22dl%22:1491,%22di%22:2182,%22ds%22:2203,%22de%22:2297,%22dc%22:2608,%22l%22:2608,%22le%22:2723%7D,%22navigation%22:%7B%7D%7D&fcp=2195&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:45 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77639bd499f40b51-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
emiratespost.dynv6.net/Ae/emirates/info2022/STATU/dash/SF/Panel/Checkout
104.168.214.87 301 Moved Permanently 162 B URL HTTP/2 emiratespost.dynv6.net/Ae/emirates/info2022/STATU/dash/SF/Panel/Checkout
IP 104.168.214.87:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /Ae/emirates/info2022/STATU/dash/SF/Panel/Checkout HTTP/1.1
Host: emiratespost.dynv6.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 06:57:45 GMT
content-type: text/html
content-length: 162
location: https://emiratespost.dynv6.net/Ae/emirates/info2022/STATU/dash/SF/Panel/Checkout/
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/pushcrew.js
104.16.16.194 200 OK 347 B URL HTTP/2 app.clickfunnels.com/assets/pushcrew.js
IP 104.16.16.194:0
File type ASCII text, with very long lines (637), with no line terminators
Hash 0c500871c6a4702c7637750991a447e1
28944a4263072eeca3770d0eda48d56a7c6a06d7
ab247c5f3e8445ab74d4e4fcb235a3d989f864be4f52de8d68309115e8bc6864
GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: application/x-javascript
cf-ray: 77639bc9fa4bfab8-OSL
access-control-allow-origin: *
age: 39
cache-control: public, max-age=1200
etag: W/"637bf172-27d"
expires: Thu, 08 Dec 2022 07:17:44 GMT
last-modified: Mon, 21 Nov 2022 21:45:22 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bam.nr-data.net/jserrors/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4508&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/jserrors/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4508&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /jserrors/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4508&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 145
Origin: https://hpctzpfg.clickfunnels.com
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:47 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 77639be029df0b51-OSL
Access-Control-Allow-Origin: https://hpctzpfg.clickfunnels.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4509&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4509&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4509&ck=0&s=f7ce96f8c1b196d0&ref=https://hpctzpfg.clickfunnels.com/optin1670391977703 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 62
Origin: https://hpctzpfg.clickfunnels.com
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 77639be02c42b4fd-OSL
Access-Control-Allow-Origin: https://hpctzpfg.clickfunnels.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
w.sharethis.com/button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather
54.230.111.56 301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather
IP 54.230.111.56:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 08 Dec 2022 06:57:48 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather
X-Cache: Redirect from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2a2WKbDhOvdNoSTZqQbZLUn_2iMOArj6Y7KS3ngTosG1RAMMBZbzlA==
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
w.sharethis.com/button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather
54.230.111.56 200 OK 7.9 kB URL HTTP/2 w.sharethis.com/button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather
IP 54.230.111.56:0
File type C source, ASCII text, with very long lines (27236), with no line terminators
Hash 990365ccdf4eebf164214f992d8ddfbc
b485f83e096515d93dfec5d8dc420d571ef06254
947238672d5912dffc77bde8e413752ecd69e6062c68c09ae20274b55f37ffdd
GET /button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7903
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
cache-control: max-age=259200
date: Wed, 07 Dec 2022 16:18:22 GMT
expires: Sat, 10 Dec 2022 16:18:22 GMT
etag: W/"634f185a-6a64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WWQzN6Lmry6GJpIxPiiAkcDzBzqE0wsLdQIlvMXx3qdMOuH6pf_Bpw==
age: 52766
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?ver=5.2.17
172.217.21.170 200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?ver=5.2.17
IP 172.217.21.170:0
File type ASCII text, with very long lines (2590)
Hash 0b5ec08ec277ab800b167cb8014eca34
5124f087f1a76f1230b3fc384c16856c6f73dada
ca037feee0111878920789ad17c57de6e50d3dade613de257082ac46ac2cae6f
GET /maps/api/js?ver=5.2.17 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://playfmradio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 08 Dec 2022 06:57:48 GMT
expires: Thu, 08 Dec 2022 07:27:48 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53544
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cb4dd119f7430c320eac60b72355bd8c
e5694c4e08731720fa303127f2f4b2fe5ab9fba9
116e36f240390df2689f722ba0174ff342f7c6ce3a6b91853342c93def2a0825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/
200.58.110.205 200 OK 26 kB IP 200.58.110.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1870), with CRLF, LF line terminators
Hash 58d66d2fbb7485aa05d4217f09406142
fdb4bb97f6ea3ace5273f35dc2a94a338e24c43f
4ed70d342287ef1dbcb328c6cb40708b69b3428c4c41de9a5b338c4ac763eb7d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.25
Link: <http://playfmradio.com/wp-json/>; rel="https://api.w.org/", <http://playfmradio.com/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 26387
Keep-Alive: timeout=10, max=200
Content-Type: text/html; charset=UTF-8
www.google.com/jsapi?ver=5.2.17
142.250.74.132 301 Moved Permanently 248 B URL HTTP/2 www.google.com/jsapi?ver=5.2.17
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a3489472c936d677eb9e469df8a34472
df330f3ec7e7fec9ebc35bca1a0e0b313eb00db1
d7c8775d3b3e8a48e273cbcafae52bd993572f76518b952033b6a6a32293592a
GET /jsapi?ver=5.2.17 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://playfmradio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/charts/loader.js?ver=5.2.17
x-content-type-options: nosniff
server: sffe
content-length: 248
x-xss-protection: 0
date: Thu, 08 Dec 2022 06:53:19 GMT
expires: Thu, 08 Dec 2022 07:23:19 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.7
200.58.110.205 200 OK 2.8 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.7
IP 200.58.110.205:0
File type ASCII text, with very long lines (16823), with no line terminators
Hash 10d5dabc995473322055955c8cdc016a
919778ce81e9570059fa511c1ee69246377b7f29
573fbda2062b26ee19b676717043aad9be95f52cae95d48ed521355f5a300eab
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.7 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 30 Nov 2021 00:21:29 GMT
ETag: "41b7-5d1f689e934ce-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2836
Keep-Alive: timeout=10, max=200
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/charts/loader.js?ver=5.2.17
142.250.74.99 200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js?ver=5.2.17
IP 142.250.74.99:0
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js?ver=5.2.17 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 06:46:57 GMT
expires: Thu, 08 Dec 2022 07:46:57 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
playfmradio.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.5
200.58.110.205 200 OK 7.1 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.5
IP 200.58.110.205:0
File type ASCII text, with very long lines (30761)
Hash a2b81218886e6bdb0760a05ba780e805
88b93d8dcc24adb742464dd5fdbfd3b854966db4
3263fecc2874b0b4a86fedb5d9fb8b36913c1736be59b62de51c041c501b68cf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.5 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:02:48 GMT
ETag: "78cb-5877972b10b5e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7073
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.0
200.58.110.205 200 OK 570 B URL HTTP/1.1 playfmradio.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.0
IP 200.58.110.205:0
File type ASCII text, with CRLF line terminators
Hash 98850c9586be35bb6543abd8becdc5ee
5ef32afcf3f6b50f4813a74bebac2f76fd02d3b0
d2252f686e36e0aa1b08f4430b450b32f5c5271858c22073d5178085c90bf6ce
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 00:21:35 GMT
ETag: "688-5d1f68a4356d6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 570
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/plugins/qt-swipebox/swipebox/css/swipebox.min.css?ver=5.2.17
200.58.110.205 200 OK 1.2 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-swipebox/swipebox/css/swipebox.min.css?ver=5.2.17
IP 200.58.110.205:0
File type ASCII text, with very long lines (4257), with no line terminators
Hash b3604904b5c83c4af70d945dd7cb1599
df3af4aeca0725ba44dd58c37d4733b20e6cd86a
15ce19df510df91e7277034e484c8e09e5ffedd7f4d4b22141d652b2cb2eb223
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-swipebox/swipebox/css/swipebox.min.css?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 27 Apr 2019 02:21:58 GMT
ETag: "10a1-58779b738fea4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1215
Keep-Alive: timeout=10, max=200
Content-Type: text/css
playfmradio.com/wp-content/plugins/qt-videogalleries/assets/style.css?ver=5.2.17
200.58.110.205 200 OK 1.1 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-videogalleries/assets/style.css?ver=5.2.17
IP 200.58.110.205:0
Hash 136d1bcd85cf7335b41b6eb4ad8cf2c7
d1e7684ff98a1326ecfb9eef395e6e1d9e99cdd7
88c8ffcdeb4ef4be7936232133a94eaeb5c20ac87eaebe7c5c068a5e81eba02c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-videogalleries/assets/style.css?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 27 Apr 2019 02:22:29 GMT
ETag: "d30-58779b91b3d55-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1107
Keep-Alive: timeout=10, max=200
Content-Type: text/css
playfmradio.com/wp-content/themes/onair2/fonts/dripicons/webfont.css?ver=2.3.1
200.58.110.205 200 OK 2.0 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/fonts/dripicons/webfont.css?ver=2.3.1
IP 200.58.110.205:0
Hash a74085359e96982b3b2bbcab42b64056
0b04f7b3303e30ba40bda5b16d5e1124e2e2f38e
66e2a5b0264ca9ebfaff63375cc48f03b8b6e4b931128d4a185042990d86e0ca
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/onair2/fonts/dripicons/webfont.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 27 Apr 2019 04:31:21 GMT
ETag: "2b5b-5877b85f064f6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1953
Keep-Alive: timeout=10, max=200
Content-Type: text/css
playfmradio.com/wp-content/themes/onair2/fonts/qticons/qticons.css?ver=2.3.1
200.58.110.205 200 OK 1.6 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/fonts/qticons/qticons.css?ver=2.3.1
IP 200.58.110.205:0
File type ASCII text, with very long lines (327)
Hash 5823eddbcb9652ac656f1e70aa9abcbc
94fa67116481c904770faa5c0e119e37172adeff
0e4ef420b03fb6ba12dffbd7d4126320a3f5c10c7d5fa53d2eeb41ed0f56fbf8
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/onair2/fonts/qticons/qticons.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 27 Apr 2019 04:31:37 GMT
ETag: "1ebc-5877b86e9cf55-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1594
Keep-Alive: timeout=10, max=200
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/themes/onair2/components/slick/slick.css?ver=2.3.1
200.58.110.205 200 OK 557 B URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/components/slick/slick.css?ver=2.3.1
IP 200.58.110.205:0
Hash d0e230b935d3f17f3b2ae2c38a6a6d8f
b9f29063a70a9599a89bcb497d833fc758ad63ba
0c38f4e97078d023aeb69238adae19262e7054147463bfe180b00fa7d85a0b7c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/onair2/components/slick/slick.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:29:44 GMT
ETag: "6c1-5877b802a5951-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 557
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/themes/onair2/components/swipebox/src/css/swipebox.min.css?ver=2.3.1
200.58.110.205 200 OK 1.2 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/components/swipebox/src/css/swipebox.min.css?ver=2.3.1
IP 200.58.110.205:0
File type ASCII text, with very long lines (4308), with no line terminators
Hash d83aedf99d3bdc9fde5de1753c320ba1
e5d7c90b4b921e368ffc6d2cbfae2264b5b4f9fa
bfed8658f870445ed0f6f46340b6047657f8e5fd249f6b1f07c4dac36bf84e7d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/onair2/components/swipebox/src/css/swipebox.min.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:31:00 GMT
ETag: "10d4-5877b84b42d5a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1221
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/themes/onair2/components/countdown/css/jquery.classycountdown.css?ver=2.3.1
200.58.110.205 200 OK 311 B URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/components/countdown/css/jquery.classycountdown.css?ver=2.3.1
IP 200.58.110.205:0
File type ASCII text, with CRLF line terminators
Hash 9b9c6d8df82669ce83796020788c2c45
3fe814c90c157ad5db096d2018742503638bce87
afb30f14ab078e7f78a18bff64a61756de61348b8366f0dd81581710e0fe73b3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/onair2/components/countdown/css/jquery.classycountdown.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:28:57 GMT
ETag: "204-5877b7d5a123c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 311
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/flashblock.css?ver=2.3.1
200.58.110.205 200 OK 511 B URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/flashblock.css?ver=2.3.1
IP 200.58.110.205:0
File type ASCII text, with CRLF line terminators
Hash 93d06b9b86e7feaa3fefd1eacf77df67
0b16143ad83ac1bbf986d757c2aed6303f710035
9e52ac71205f1704ad789e7d5e919cffc13bec17c600e85af83def55c6c4d194
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/flashblock.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:30:31 GMT
ETag: "53f-5877b82fe1eea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 511
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/qt-360player-volume.css?ver=2.3.1
200.58.110.205 200 OK 2.2 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/qt-360player-volume.css?ver=2.3.1
IP 200.58.110.205:0
Hash 30818be73d550adfeb98e1a75483ad41
51e6743c72ae5959729b7c6ed9b110ff9a6a71d0
eb96afd4921eaff4a68ead119e51f53464096d85081bb36a6bcf3fd2207bd534
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/qt-360player-volume.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:30:32 GMT
ETag: "2190-5877b8307eaae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2220
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/plugins/ttg-core/inc/backend/kirki/assets/css/kirki-styles.css
200.58.110.205 200 OK 0 B URL HTTP/1.1 playfmradio.com/wp-content/plugins/ttg-core/inc/backend/kirki/assets/css/kirki-styles.css
IP 200.58.110.205:0
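Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of an empty input, consistent with the 0 B body and Content-Length: 0 of this response; they match every empty file and do not identify this resource.)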
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ttg-core/inc/backend/kirki/assets/css/kirki-styles.css HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:28:53 GMT
ETag: "0-58779cff1ac94"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200.58.110.205 200 OK 4.0 kB URL HTTP/1.1 playfmradio.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 200.58.110.205:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 18:02:12 GMT
ETag: "2748-5d27e0e5ce9ed-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.0
200.58.110.205 200 OK 1.4 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.0
IP 200.58.110.205:0
File type HTML document, ASCII text, with very long lines (566), with CRLF line terminators
Hash 16d47ec5e87fe75cab115fe4e2b90df1
e75774f529c31adeb1c96ce614e5cb58623d52dd
c0cda9c2049423330c8ae2fd7e144b558855d50a7ba92c06b967f76cc64f67d2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 00:21:35 GMT
ETag: "bc3-5d1f68a435ea6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1375
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/flashblock.css
200.58.110.205 200 OK 511 B URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/flashblock.css
IP 200.58.110.205:0
File type ASCII text, with CRLF line terminators
Hash 93d06b9b86e7feaa3fefd1eacf77df67
0b16143ad83ac1bbf986d757c2aed6303f710035
9e52ac71205f1704ad789e7d5e919cffc13bec17c600e85af83def55c6c4d194
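Analyzer Verdict Alert quad9 Sinkholed (the three hashes above are identical to those of the flashblock.css?ver=2.3.1 fetch earlier in this report, which additionally carries a fortinet Phishing alert; the alerts therefore appear to be tied to the URL or host rather than to the file content)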
GET /wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/flashblock.css HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/wp-content/themes/onair2/components/soundmanager/templates/qtradio-player/css/qt-360player-volume.css?ver=2.3.1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 27 Apr 2019 04:30:31 GMT
ETag: "53f-5877b82fe1eea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 511
Keep-Alive: timeout=10, max=200
Content-Type: text/css
playfmradio.com/wp-content/themes/onair2/css/qt-main.css?ver=2.3.1
200.58.110.205 200 OK 26 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/css/qt-main.css?ver=2.3.1
IP 200.58.110.205:0
File type ASCII text, with very long lines (64878)
Hash 36e6969fc9465ed203e986c14c9b37a2
d815a1062a2369c4f9b848deb24fddcc806da4df
4b63540c558424d6f94d7941510a1b0a1f71ae198546835f2b14d8ea15e5678a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/onair2/css/qt-main.css?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:31:07 GMT
ETag: "274e4-5877b852015d5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25880
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
200.58.110.205 200 OK 34 kB URL HTTP/1.1 playfmradio.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 200.58.110.205:0
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 18:02:13 GMT
ETag: "17a69-5d27e0e68fbbe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
200.58.110.205 200 OK 972 B URL HTTP/1.1 playfmradio.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
IP 200.58.110.205:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 00:20:59 GMT
ETag: "aab-5d1f68826d0f6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.17
200.58.110.205 200 OK 4.8 kB URL HTTP/1.1 playfmradio.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.17
IP 200.58.110.205:0
File type ASCII text, with very long lines (29271), with no line terminators
Hash dd7c1726a47a6a643915b33ff7d58ff1
af1eebb836aa766817ed21c3e35d2a3eb3e1aaba
d45cf6975f3b7ec4e2f867d0e6f718b8950a0245132bda965240d0d49c7a2c65
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 18:01:14 GMT
ETag: "7257-5d27e0af1ef9e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4788
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/plugins/qt-ajax-pageload/qt-apl-style.css?ver=5.2.17
200.58.110.205 200 OK 378 B URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-ajax-pageload/qt-apl-style.css?ver=5.2.17
IP 200.58.110.205:0
Hash a094aa2111f46533bb9a526b4abdd16e
82f4c8f39703c173e2c17c5b03e3d33031f39c50
676dcc9df7ad4a92da6950212b630ee416d7e9f6a382571b440aaed3e298beb7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/qt-ajax-pageload/qt-apl-style.css?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:18:59 GMT
ETag: "4e9-58779ac91faf1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 378
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/plugins/qt-places/inc/frontend/assets/styles.css?ver=5.2.17
200.58.110.205 200 OK 2.6 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-places/inc/frontend/assets/styles.css?ver=5.2.17
IP 200.58.110.205:0
Hash 4be5c2880d9d908b4d335896394a764a
07bcf778219420bb361bcb588151fadcb6c3ce4e
e3672b6f352721cfdbe168ebe8cf1a2928a6ddfe929667b1e620995d6fbc14ab
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-places/inc/frontend/assets/styles.css?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:21:26 GMT
ETag: "3d69-58779b54f26ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2640
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/css
playfmradio.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.5
200.58.110.205 200 OK 45 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.5
IP 200.58.110.205:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 29368eed220e9313fb3d3dcdcf9b78ae
936fbea6e2afe5bd013adeed18c3dbccdf1ff441
e2bee47830e040ccdb71fedbe019d9487985fac8fb3e1db2d9f2b7118b182fb3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.5 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 27 Apr 2019 00:46:38 GMT
ETag: "70d6e-58778624a4655-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 44917
Keep-Alive: timeout=10, max=200
Content-Type: text/css
playfmradio.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.0.0
200.58.110.205 200 OK 33 kB URL HTTP/1.1 playfmradio.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.0.0
IP 200.58.110.205:0
File type Unicode text, UTF-8 text, with very long lines (31984), with LF, NEL line terminators
Hash a674b30ef254c3111c2177f689486671
9e34db91ba98ee06705064808190bf71af9c464f
9e912b013a34e67f48036330b85eecef4a1cfcfeca558888aa67ebb58d51768f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.0.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 18:02:09 GMT
ETag: "177c1-5d27e0e2b951e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32867
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
200.58.110.205 200 OK 3.8 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
IP 200.58.110.205:0
File type HTML document, ASCII text, with very long lines (11862), with no line terminators
Hash b0f435d6d85c051ac88e7f6a9c74e54c
adaceb8d3aebbddaabc3682d15cee190001026c9
be851f49d88d7b1b7c276710608c0663600a36d968af0011ae68f7c766213abb
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 00:21:00 GMT
ETag: "2e56-5d1f688285b7d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3767
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
200.58.110.205 200 OK 2.6 kB URL HTTP/1.1 playfmradio.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP 200.58.110.205:0
File type ASCII text, with very long lines (7996)
Hash 38b694df325f3d381d4d839d33cfb59c
82c4d20653dc93197b17e84a7b1274dac4f49588
e220e69ff51b9e853e6206a7d3204c8129e175141f5dd4e93e67a72fefdaa3b5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 18:02:10 GMT
ETag: "1fb1-5d27e0e40ceab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2551
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-includes/js/masonry.min.js?ver=3.3.2
200.58.110.205 200 OK 8.5 kB URL HTTP/1.1 playfmradio.com/wp-includes/js/masonry.min.js?ver=3.3.2
IP 200.58.110.205:0
File type ASCII text, with very long lines (28817)
Hash e76ffbc29190aeddad010bc434d36230
5d0ca611203c41695823f1e05786eea71d7bb424
0c92502affb7302571dbf04db8aea83dace8c130dadfcbeed169f406e4c42f28
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/masonry.min.js?ver=3.3.2 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 18:02:19 GMT
ETag: "7119-5d27e0ecc590a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8524
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/themes/onair2/js/modernizr-2.8.3-respond-1.4.2.min.js?ver=2.8.3
200.58.110.205 200 OK 8.2 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/js/modernizr-2.8.3-respond-1.4.2.min.js?ver=2.8.3
IP 200.58.110.205:0
File type HTML document, ASCII text, with very long lines (14856)
Hash 09a0d517f39c5f8de2f972d0f3d63227
10e81631c072c4fe540d0b8a415e8e6d316d90ce
337f3463f65fc67003b1f7299e81adf61d1cc4bdb556ac474278547c600eca33
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/onair2/js/modernizr-2.8.3-respond-1.4.2.min.js?ver=2.8.3 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:49 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:32:54 GMT
ETag: "4e8a-5877b8b7e885f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8179
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://playfmradio.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 216309
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://playfmradio.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 41034
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://playfmradio.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:42:33 GMT
expires: Wed, 06 Dec 2023 15:42:33 GMT
cache-control: public, max-age=31536000
age: 141317
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
playfmradio.com/wp-content/plugins/qt-ajax-pageload/js/min/qt-ajax-pageload-min.js?ver=1.0
200.58.110.205 200 OK 1.4 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-ajax-pageload/js/min/qt-ajax-pageload-min.js?ver=1.0
IP 200.58.110.205:0
File type HTML document, ASCII text, with very long lines (3668), with no line terminators
Hash 2426a321bdd90624104dc0b36f6879c5
3458ccdaff042f196af1c703dc613d93955c008a
ff9425ab6e2a906706c338cdcf61a582f6557f4969979994e61795863979b816
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-ajax-pageload/js/min/qt-ajax-pageload-min.js?ver=1.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:18:51 GMT
ETag: "e54-58779ac14d47d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1358
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/qt-loveit/js/qt-loveit.js?ver=1.0
200.58.110.205 200 OK 473 B URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-loveit/js/qt-loveit.js?ver=1.0
IP 200.58.110.205:0
Hash 81ac4563bccf50b9bfe33d6edb7c66fc
793c721b5369912c7065fc4b7fbde5e06d4abd8b
b13f4c62fa7588d9ad5e7a89b4462d5a8954d56bdc30f847ff823e104b23e340
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-loveit/js/qt-loveit.js?ver=1.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:19:40 GMT
ETag: "41a-58779af084b2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 473
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/qt-places/inc/frontend/assets/min/script-min.js?ver=5.2.17
200.58.110.205 200 OK 4.4 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-places/inc/frontend/assets/min/script-min.js?ver=5.2.17
IP 200.58.110.205:0
File type ASCII text, with very long lines (17402), with no line terminators
Hash 245760675bb0d496255bd1f8de6d3c76
a9e1032aeb25e5255a128bca646fc0441baacd1a
6cc726d10af8921ba371c64378af93cad8a85ce2e070379144bcebac0809e59a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-places/inc/frontend/assets/min/script-min.js?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:21:22 GMT
ETag: "43fa-58779b51b93cc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4398
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/qt-swipebox/swipebox/js/jquery.swipebox.min.js?ver=5.2.17
200.58.110.205 200 OK 4.2 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-swipebox/swipebox/js/jquery.swipebox.min.js?ver=5.2.17
IP 200.58.110.205:0
File type ASCII text, with very long lines (12834)
Hash 4e90fb9390a7e6b548bf5d0b8deab729
783c8dce16227b1c1400d97172504b1a6e76ac72
df76bd053deac4f3f3e9209aed317a1e5dc029b8c6a3ae8a86770a66cc243e04
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-swipebox/swipebox/js/jquery.swipebox.min.js?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:22:05 GMT
ETag: "3475-58779b7aacae7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4163
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery.quicksand.js?ver=1.0.0
200.58.110.205 200 OK 4.5 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery.quicksand.js?ver=1.0.0
IP 200.58.110.205:0
Hash aed79da2a0e599de8500db788ed08ed6
45507fe70cfe38c2064850a676c77510430104b7
3b635aaa8cb682506cf5004f3be67bf4fa621f8e0ae4063010eff3356ca768d9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-videogalleries/assets/jquery.quicksand.js?ver=1.0.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:22:24 GMT
ETag: "4a8f-58779b8c169ad-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4475
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/themes/onair2/js/min/qt-main-min.js?ver=2.3.1
200.58.110.205 200 OK 100 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/js/min/qt-main-min.js?ver=2.3.1
IP 200.58.110.205:0
File type ASCII text, with very long lines (32060), with CRLF, LF line terminators
Hash 76c493b9145e75dae9108a1b0f84154d
6be1d2273de14c0d8e4c9bca23beb1e259a723c5
117793059fc57725a2f2b881db3753c40a35a9a90d6d70fd8fe542f5cf487d5a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/onair2/js/min/qt-main-min.js?ver=2.3.1 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:32:49 GMT
ETag: "59f6f-5877b8b2b01f6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery.easing.1.3.js?ver=1.0.0
200.58.110.205 200 OK 2.0 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery.easing.1.3.js?ver=1.0.0
IP 200.58.110.205:0
Hash a6759141afcbcf0a161171becbdb51f3
77e91d639ecf18d8bb76e4f40e3d53fe2b11f787
3299718703ddc77d79ca733312395b64bf49932ea9687cf40f48c88af1d78bf8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/qt-videogalleries/assets/jquery.easing.1.3.js?ver=1.0.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:22:23 GMT
ETag: "1fa1-58779b8b2e2ff-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1986
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery-css-transform.js?ver=1.0.0
200.58.110.205 200 OK 1.4 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery-css-transform.js?ver=1.0.0
IP 200.58.110.205:0
Hash 7d45bf2f16c67ce78416e70330dcfdca
2ca77446447d7f69adcaa2f838e50755156a5465
2205a5ed9b32d63d2829fd5e32ae2f6bf4c492fc74df54262038ecf3e7149bca
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/qt-videogalleries/assets/jquery-css-transform.js?ver=1.0.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:22:21 GMT
ETag: "100e-58779b8a26853-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1436
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery-animate-css-rotate-scale.js?ver=1.0.0
200.58.110.205 200 OK 1.7 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-videogalleries/assets/jquery-animate-css-rotate-scale.js?ver=1.0.0
IP 200.58.110.205:0
File type ASCII text, with very long lines (945)
Hash 2d741dec4b36b328f1bed2b4fc717123
a9fea41e722d4b967b9f24c40ee72bc74d00fc7a
56905cef3edc21e3dbfe6984154c1d478a2f84633b4f032dc0f8d1a2223d62a8
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/qt-videogalleries/assets/jquery-animate-css-rotate-scale.js?ver=1.0.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:22:21 GMT
ETag: "1271-58779b8959723-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1734
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/themes/onair2/fonts/dripicons/fonts/dripicons-v2.woff
200.58.110.205 200 OK 26 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/fonts/dripicons/fonts/dripicons-v2.woff
IP 200.58.110.205:0
File type Web Open Font Format, CFF, length 26004, version 1.0\012- data
Hash 11fc83ae11617015f2fcde2065fb34d3
1574a666ba4633923d4a0f22cf1daa04455a6079
e87a09cef1a17d8c6a5a1b542521889f2f409262589d8d4fb1d9112c9e144bfb
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/onair2/fonts/dripicons/fonts/dripicons-v2.woff HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://playfmradio.com/wp-content/themes/onair2/fonts/dripicons/webfont.css?ver=2.3.1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 27 Apr 2019 04:31:15 GMT
ETag: "6594-5877b859c3695"
Accept-Ranges: bytes
Content-Length: 26004
Keep-Alive: timeout=10, max=200
Content-Type: application/x-font-woff
playfmradio.com/wp-content/plugins/qt-videogalleries/assets/vdl-main.js?ver=1.0.0
200.58.110.205 200 OK 1.4 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/qt-videogalleries/assets/vdl-main.js?ver=1.0.0
IP 200.58.110.205:0
Hash a7b608c818107aaa739d6486297f4820
738f09accbe93d4a44b0df8c68ed13585b999ac3
84de50dd6f6d5b5cb3e594328d68f9f52becbaf09867ad567dbc2c57e4795b79
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/qt-videogalleries/assets/vdl-main.js?ver=1.0.0 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 02:22:42 GMT
ETag: "f0b-58779b9da71a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1428
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-includes/js/wp-embed.min.js?ver=5.2.17
200.58.110.205 200 OK 739 B URL HTTP/1.1 playfmradio.com/wp-includes/js/wp-embed.min.js?ver=5.2.17
IP 200.58.110.205:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.2.17 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 18:02:50 GMT
ETag: "56f-5d27e10a97899-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 739
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.5
200.58.110.205 200 OK 5.7 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.5
IP 200.58.110.205:0
File type ASCII text, with very long lines (19781), with no line terminators
Hash 71d4a975deba5e39fd33961e72ca819b
42a59c27b10a93488444d23b36c3907341ff0c52
6740f99dcf4d84c7867b015dd5238c7feeb02ff64dc12619e61f7adeecbc5fb0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.5 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 01:09:14 GMT
ETag: "4d45-58778b321bd63-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5712
Keep-Alive: timeout=10, max=193
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.7
200.58.110.205 200 OK 7.4 kB URL HTTP/1.1 playfmradio.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.7
IP 200.58.110.205:0
File type ASCII text, with very long lines (26472), with no line terminators
Hash 005047ebd6ae0819529761f6206c1f84
03cbe43b976f88a932367e0f9b8d4ffaa1e5c9cf
f756acae9903b0ca4ee95af04f38feedf021f25f2d9203ac4a782030be78e4a8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.7 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 00:21:29 GMT
ETag: "6768-5d1f689e963ae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7371
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: application/javascript
playfmradio.com/wp-content/themes/onair2/fonts/qticons/qticons.woff
200.58.110.205 200 OK 24 kB URL HTTP/1.1 playfmradio.com/wp-content/themes/onair2/fonts/qticons/qticons.woff
IP 200.58.110.205:0
File type Web Open Font Format, CFF, length 23980, version 1.0\012- data
Hash 2715b6d31abf2fdac8eab6466d8aa5ba
2c72822f216c334f86125fab7ecb8d107004636c
736c5e5287342c7e28a9a38111d53b38b37e4ad9457622770467c6da5c2018bd
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/onair2/fonts/qticons/qticons.woff HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://playfmradio.com/wp-content/themes/onair2/fonts/qticons/qticons.css?ver=2.3.1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Sat, 27 Apr 2019 04:31:41 GMT
ETag: "5dac-5877b871c6c1e"
Accept-Ranges: bytes
Content-Length: 23980
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: application/x-font-woff
playfmradio.com/wp-content/uploads/2019/04/logo-app-170x170.png
200.58.110.205 200 OK 7.9 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2019/04/logo-app-170x170.png
IP 200.58.110.205:0
File type PNG image data, 170 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 795a5c8f2a0a89f9c31c9cff29a833eb
1f879ba5b8080542b5ab518af6383eb5e905b5a6
b8894dc0165e70ca6f1db782b2abefb6f6e197a3044dae09b50b6f90ae2a6295
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/04/logo-app-170x170.png HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Fri, 27 Dec 2019 17:39:38 GMT
ETag: "1edf-59ab2fa5e3637"
Accept-Ranges: bytes
Content-Length: 7903
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: image/png
playfmradio.com/wp-content/uploads/2021/04/Recurso-2@2x.png
200.58.110.205 200 OK 27 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2021/04/Recurso-2@2x.png
IP 200.58.110.205:0
File type PNG image data, 1125 x 562, 8-bit/color RGBA, non-interlaced\012- data
Hash 7b8be43bf22ddad969cc7fdedb758cdb
1daea62b188d1551b57e071356e80bfed7f89bb1
8193c81ce7b6134438b2641753afd7efc95c10729289cd2f7d0ea125b1725a3a
GET /wp-content/uploads/2021/04/Recurso-2@2x.png HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Mon, 19 Apr 2021 19:11:00 GMT
ETag: "6826-5c0581712eb53"
Accept-Ranges: bytes
Content-Length: 26662
Keep-Alive: timeout=10, max=193
Connection: Keep-Alive
Content-Type: image/png
playfmradio.com/wp-content/uploads/wordpress-popular-posts/10861-featured-30x30.jpg
200.58.110.205 200 OK 705 B URL HTTP/1.1 playfmradio.com/wp-content/uploads/wordpress-popular-posts/10861-featured-30x30.jpg
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 30x30, components 3\012- data
Hash 7c77f4cfd16379a63567487f9616465d
fb6aaae1b3555068cc9e4bcf0b0180c75fc66580
96da247abd338b0221ca958c9dc5b805eb1734f67140a5c66c64997c239753f8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/wordpress-popular-posts/10861-featured-30x30.jpg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Thu, 21 Nov 2019 04:59:27 GMT
ETag: "2c1-597d4296ee9d8"
Accept-Ranges: bytes
Content-Length: 705
Keep-Alive: timeout=10, max=192
Connection: Keep-Alive
Content-Type: image/jpeg
playfmradio.com/wp-content/uploads/wordpress-popular-posts/12599-featured-30x30.jpg
200.58.110.205 200 OK 603 B URL HTTP/1.1 playfmradio.com/wp-content/uploads/wordpress-popular-posts/12599-featured-30x30.jpg
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 30x30, components 3\012- data
Hash ae60f1eaab8352d0ec2a293dd7b30c14
1c4b06dc424fd286d7d76918ae1b6e1f9bb17108
915bbaafd73ce43fe4647ce3a7f66083d1acc7e31189d51f024b1450b0fc4385
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/wordpress-popular-posts/12599-featured-30x30.jpg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Fri, 24 Jan 2020 19:40:28 GMT
ETag: "25b-59ce7ee0f01ef"
Accept-Ranges: bytes
Content-Length: 603
Keep-Alive: timeout=10, max=193
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/0eKmO2U-HyE?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/0eKmO2U-HyE?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/0eKmO2U-HyE?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/0eKmO2U-HyE?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/Hc_kwCGNhn0?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/Hc_kwCGNhn0?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/Hc_kwCGNhn0?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/Hc_kwCGNhn0?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/LBBtSzBSzzo?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/LBBtSzBSzzo?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/LBBtSzBSzzo?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/LBBtSzBSzzo?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/uploads/wordpress-popular-posts/10210-featured-30x30.jpg
200.58.110.205 200 OK 763 B URL HTTP/1.1 playfmradio.com/wp-content/uploads/wordpress-popular-posts/10210-featured-30x30.jpg
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 30x30, components 3\012- data
Hash e4887cc14976ddc140617e2969fc47c8
e1b8d0f36f812ac5295fd83a4f95554d65638172
72c22ed365d5957b3edc274c63eb1f02e7a3fdcf56039a6097ffd67aeda24349
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/wordpress-popular-posts/10210-featured-30x30.jpg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 04:53:42 GMT
ETag: "2fb-58b0514be317a"
Accept-Ranges: bytes
Content-Length: 763
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/4VaqA-5aQTM?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/4VaqA-5aQTM?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/4VaqA-5aQTM?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/4VaqA-5aQTM?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/Th8w0u_bV6w?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/Th8w0u_bV6w?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/Th8w0u_bV6w?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/Th8w0u_bV6w?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/uploads/wordpress-popular-posts/13649-featured-30x30.jpeg
200.58.110.205 200 OK 698 B URL HTTP/1.1 playfmradio.com/wp-content/uploads/wordpress-popular-posts/13649-featured-30x30.jpeg
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 30x30, components 3\012- data
Hash d52f2c15f3d64357b1828b1fdbbfc792
ea0265706d14f423c79bad54c5dfa2a43e788627
166f0d383e98cb87dda527de6c1f76c2f3850ec98d540d8acfc68bf1049fe883
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/uploads/wordpress-popular-posts/13649-featured-30x30.jpeg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Tue, 17 Nov 2020 01:56:10 GMT
ETag: "2ba-5b443cc7d26ae"
Accept-Ranges: bytes
Content-Length: 698
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/pbvTRkDSTPQ?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/pbvTRkDSTPQ?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/pbvTRkDSTPQ?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/pbvTRkDSTPQ?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/SuU0999Seaw?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/SuU0999Seaw?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/SuU0999Seaw?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/SuU0999Seaw?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/uploads/wordpress-popular-posts/596-featured-30x30.jpg
200.58.110.205 200 OK 1.1 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/wordpress-popular-posts/596-featured-30x30.jpg
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 30x30, components 3\012- data
Hash 22a0f09863a09eb74349f0c70bcb46e0
90b7f66a79dca071e1b54c0991a42faccccf6c4d
dfd97f19a1c0db31e10697fbdf9fcf4ba53b28dfbe50e0d3615e897819d68268
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/wordpress-popular-posts/596-featured-30x30.jpg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Fri, 25 Oct 2019 07:20:44 GMT
ETag: "465-595b6fd030293"
Accept-Ranges: bytes
Content-Length: 1125
Keep-Alive: timeout=10, max=192
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/cHsKzdyXDH0?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/cHsKzdyXDH0?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/cHsKzdyXDH0?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/cHsKzdyXDH0?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/uploads/2022/08/WhatsApp-Image-2022-08-01-at-9.54.49-AM-225x300.jpeg
200.58.110.205 200 OK 12 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2022/08/WhatsApp-Image-2022-08-01-at-9.54.49-AM-225x300.jpeg
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x300, components 3\012- data
Hash 4ee52bdcb2427e735781ee59f02da00f
0411db8fc6d87f43adf85cd1c387d6b933174b60
3ebb267797c7b08461381cbf0201754ae1cbf8ee199a820f6b270283de07b442
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/uploads/2022/08/WhatsApp-Image-2022-08-01-at-9.54.49-AM-225x300.jpeg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 13:04:08 GMT
ETag: "2e92-5e52da2a08c78"
Accept-Ranges: bytes
Content-Length: 11922
Keep-Alive: timeout=10, max=193
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/pHklWLaED60?html5=1
216.58.207.206 301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/pHklWLaED60?html5=1
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/pHklWLaED60?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 08 Dec 2022 06:57:51 GMT
Location: https://www.youtube.com/embed/pHklWLaED60?html5=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/uploads/2019/12/fondo-web.jpg?id=12465
200.58.110.205 200 OK 330 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2019/12/fondo-web.jpg?id=12465
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1920, components 3\012- data
Size 330 kB (330449 bytes)
Hash cb89e8550076a9a432c598d66c36cf49
e9e7ef088532008fc3f0bfe607067301038290ec
344c0167f89033128ad1cdda7d540958e278f052c165b1b788b0debfc91b705b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/12/fondo-web.jpg?id=12465 HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:50 GMT
Server: Apache
Last-Modified: Fri, 27 Dec 2019 17:42:30 GMT
ETag: "50ad1-59ab304942fc5"
Accept-Ranges: bytes
Content-Length: 330449
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
playfmradio.com/wp-content/uploads/2019/04/506-170x170.jpg
200.58.110.205 200 OK 6.5 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2019/04/506-170x170.jpg
IP 200.58.110.205:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 170x170, components 3\012- data
Hash 7c595f0eb77b529045f73cd44b5597b6
ba50105527cccbac3122b5ee1743a6a8b04b53d8
608d8e67b78c946059fa2ee73da13343462c9c68b703b5def46973a910303717
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/04/506-170x170.jpg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Wed, 12 Oct 2022 13:51:25 GMT
ETag: "1936-5ead6b0565db0"
Accept-Ranges: bytes
Content-Length: 6454
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/Hc_kwCGNhn0?html5=1
216.58.207.206 200 OK 79 kB URL HTTP/2 www.youtube.com/embed/Hc_kwCGNhn0?html5=1
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 8c048ab33672bc990479030b1e7a2e84
5731d90835d81bbfe58b0b78171751dec8cfb063
78658f1f92fff4a86123808827acdfc4a073caabe5f6897e3764e4bb0d62e350
GET /embed/Hc_kwCGNhn0?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=nAdk2CnfPh8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=_pqCrTCyeXA; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+661; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
playfmradio.com/wp-content/uploads/2021/11/400x300-1.gif
200.58.110.205 200 OK 41 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2021/11/400x300-1.gif
IP 200.58.110.205:0
File type GIF image data, version 89a, 400 x 300\012- data
Hash 3537c6ef79ed4438719f7510e50dd644
e1a802d01e2a937e68270449bd05c9b75ddfc262
a9e52de154223ca7a962da4933d9bd288aa4120ea7710f74e73b27cf2531b7ea
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/400x300-1.gif HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2021 18:17:49 GMT
ETag: "a1ab-5cfbe31c398cd"
Accept-Ranges: bytes
Content-Length: 41387
Keep-Alive: timeout=10, max=191
Connection: Keep-Alive
Content-Type: image/gif
www.youtube.com/embed/Th8w0u_bV6w?html5=1
216.58.207.206 200 OK 30 kB URL HTTP/2 www.youtube.com/embed/Th8w0u_bV6w?html5=1
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 48757286270ce5f52cef4ada9a918d16
648ede49767bbf940dc4d666c3b9398b219548b6
8c28a70f6ffddcd2da5532d60021979db3e1f0411d69e3b87a0f23a43da7984b
GET /embed/Th8w0u_bV6w?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=WBmre2pGZVw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ltrjnhgHkLU; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+439; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
playfmradio.com/wp-content/uploads/2021/02/vys-amoblamientos.jpg
200.58.110.205 200 OK 38 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2021/02/vys-amoblamientos.jpg
IP 200.58.110.205:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS6 (Windows), datetime=2021:02:13 18:31:49], progressive, precision 8, 283x283, components 3\012- data
Hash e7f6b43f297b2fefa5152c8b08acdc5e
6428d1a37399e816e13fcbd7c80b78d252d2d160
64c18baef4ad2bedef0ed567844af89ea217e657d3d7d0161ed1c82946d1222a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/02/vys-amoblamientos.jpg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Sat, 13 Feb 2021 21:32:20 GMT
ETag: "92f7-5bb3e7cd1b66d"
Accept-Ranges: bytes
Content-Length: 37623
Keep-Alive: timeout=10, max=191
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/SuU0999Seaw?html5=1
216.58.207.206 200 OK 622 kB URL HTTP/2 www.youtube.com/embed/SuU0999Seaw?html5=1
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Size 622 kB (621830 bytes)
Hash 93bd53f3c88764d9783c9cceec663d9e
0a110591538e3e999da77b81a873e926442d764f
7e09cbb580960865f6ac250bd6dee8a52c3e60d86735c37be712d7b944075741
GET /embed/SuU0999Seaw?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=jukJeLIeQYg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=d1AUmuWSY-M; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+611; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
playfmradio.com/wp-content/uploads/2021/04/Recurso-6@2x.png
200.58.110.205 200 OK 37 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2021/04/Recurso-6@2x.png
IP 200.58.110.205:0
File type PNG image data, 1125 x 712, 8-bit/color RGBA, non-interlaced\012- data
Hash c7e2c3aeadd6b0ebf5eba270904fc778
afdb2695786766d59da9deb89f80ca1399c24537
fe28e3c47a7ecc57d340132e6a7ac4e0b7a7107d9dcf42d224e621629ea5df20
GET /wp-content/uploads/2021/04/Recurso-6@2x.png HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Mon, 19 Apr 2021 19:12:49 GMT
ETag: "919b-5c0581d98d5f1"
Accept-Ranges: bytes
Content-Length: 37275
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: image/png
playfmradio.com/wp-content/uploads/2022/08/710x80-5.gif
200.58.110.205 200 OK 17 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2022/08/710x80-5.gif
IP 200.58.110.205:0
File type GIF image data, version 89a, 710 x 80\012- data
Hash fa19a322f36bd492b0c0a10f37966d33
a5fadb5c0136d3fb9e9f64dcaa47fc2f1e9d8b19
b1358f5d45465c523388f884d0b45c7ce1621f060dc77097a13f2558c3630764
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/710x80-5.gif HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Thu, 11 Aug 2022 18:47:09 GMT
ETag: "41e2-5e5fb97cb3bd8"
Accept-Ranges: bytes
Content-Length: 16866
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: image/gif
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ITQgs0jVosYx5zvT7j4YLqGZ1HEmsNgartV3g8uaNuJHs4VqVs50OQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:47:24 GMT
age: 33027
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
playfmradio.com/wp-content/uploads/2022/06/1021x90-5.gif
200.58.110.205 200 OK 83 kB URL HTTP/1.1 playfmradio.com/wp-content/uploads/2022/06/1021x90-5.gif
IP 200.58.110.205:0
File type GIF image data, version 89a, 1021 x 90\012- data
Hash fed91bcdf04079bea220861f286b71c2
dfa855fc8c1796cd93b8ceff3a6f2d8c692ad9db
4df6fd71aeff9135d8c72ff6746515e7324b3ba05bf084fbe6da8f8460610825
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/1021x90-5.gif HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Mon, 27 Jun 2022 13:05:27 GMT
ETag: "1454b-5e26d92e908f5"
Accept-Ranges: bytes
Content-Length: 83275
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: image/gif
www.youtube.com/embed/4VaqA-5aQTM?html5=1
216.58.207.206 200 OK 0 B URL HTTP/2 www.youtube.com/embed/4VaqA-5aQTM?html5=1
IP 216.58.207.206:0
GET /embed/4VaqA-5aQTM?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wtOsgZRa02M; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=C0ANPwZXpeA; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+771; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CRoboto%3A500%7CRoboto+Condensed%3Aregular&subset=latin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext
172.217.21.170 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CRoboto%3A500%7CRoboto+Condensed%3Aregular&subset=latin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext
IP 172.217.21.170:0
GET /css?family=Open+Sans%3Aregular%2C700%7CRoboto%3A500%7CRoboto+Condensed%3Aregular&subset=latin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://playfmradio.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 06:57:48 GMT
date: Thu, 08 Dec 2022 06:57:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/mailcheck.min.js
104.16.16.194 200 OK 0 B URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.16.194:0
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: application/x-javascript
cf-ray: 77639bc9fa49fab8-OSL
access-control-allow-origin: *
age: 5499
etag: W/"637bf173-a8d"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
playfmradio.com/wp-content/uploads/2021/01/DSC_9992-2560x1440.jpg
200.58.110.205 200 OK 0 B URL HTTP/1.1 playfmradio.com/wp-content/uploads/2021/01/DSC_9992-2560x1440.jpg
IP 200.58.110.205:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/01/DSC_9992-2560x1440.jpg HTTP/1.1
Host: playfmradio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://playfmradio.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:57:51 GMT
Server: Apache
Last-Modified: Sat, 02 Jan 2021 18:35:50 GMT
ETag: "8efaa-5b7ef20513c2d"
Accept-Ranges: bytes
Content-Length: 585642
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: image/jpeg
classic.clickfunnels.com/cf.js
104.16.16.194 200 OK 0 B URL HTTP/2 classic.clickfunnels.com/cf.js
IP 104.16.16.194:0
GET /cf.js HTTP/1.1
Host: classic.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hpctzpfg.clickfunnels.com/
Connection: keep-alive
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: application/x-javascript
cf-ray: 77639bcfbcabfab8-OSL
access-control-allow-origin: *
age: 81
etag: W/"637bf173-476a"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/pHklWLaED60?html5=1
216.58.207.206 200 OK 0 B URL HTTP/2 www.youtube.com/embed/pHklWLaED60?html5=1
IP 216.58.207.206:0
GET /embed/pHklWLaED60?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=VCxHI-gAqO4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Li5AP4e9PIU; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+256; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/pbvTRkDSTPQ?html5=1
216.58.207.206 200 OK 0 B URL HTTP/2 www.youtube.com/embed/pbvTRkDSTPQ?html5=1
IP 216.58.207.206:0
GET /embed/pbvTRkDSTPQ?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=QX9A4Yc3hTs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=_sZSplgaTIs; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+757; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101 200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hpctzpfg.clickfunnels.com
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 77639bca48e50b3d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%7Csans-serif%7CMontserrat%7Csans-serif%7CMontserrat%7Csans-serif%7C%7C
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%7Csans-serif%7CMontserrat%7Csans-serif%7CMontserrat%7Csans-serif%7C%7C
IP 142.250.74.106:0
GET /css?family=Montserrat%7Csans-serif%7CMontserrat%7Csans-serif%7CMontserrat%7Csans-serif%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 06:57:44 GMT
date: Thu, 08 Dec 2022 06:57:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hpctzpfg.clickfunnels.com/optin1670391977703
104.16.16.194 200 OK 0 B URL HTTP/2 hpctzpfg.clickfunnels.com/optin1670391977703
IP 104.16.16.194:0
GET /optin1670391977703 HTTP/1.1
Host: hpctzpfg.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:43 GMT
content-type: text/html; charset=utf-8
cf-ray: 77639bc81955fab8-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 07 Dec 2022 15:26:57 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 1516904cbd4e56b9e96c91e69662d89f140b0cb1
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 96250a6121be761b59fb4af3d9218073
x-runtime: 0.441993
set-cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2; path=/; expires=Thu, 08-Dec-22 07:27:43 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.js
104.16.16.194 200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.js
IP 104.16.16.194:0
GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Cookie: __cf_bm=maufTKbfTPIK1FNh6LaHqaIJzSDEiOVQRUGmdecIVpA-1670482663-0-AYhPKzYGPM08x3yW1IYY74WKzacBGLMsNtktknuuoKzzs3X9Yfz7jkCI02A0WggeObA+sW8Z5OfbsFt5RCgxQ9IrBXicmz2N2i61iDr4PxY2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: application/x-javascript
cf-ray: 77639bc9fa48fab8-OSL
access-control-allow-origin: *
age: 520
cache-control: public, max-age=1200
etag: W/"637bf1b5-2391a3"
expires: Thu, 08 Dec 2022 07:17:44 GMT
last-modified: Mon, 21 Nov 2022 21:46:29 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/LBBtSzBSzzo?html5=1
216.58.207.206 200 OK 0 B URL HTTP/2 www.youtube.com/embed/LBBtSzBSzzo?html5=1
IP 216.58.207.206:0
GET /embed/LBBtSzBSzzo?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Ac7LZJSVuSU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=uCqHDyG-1og; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+499; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
emiratespost.dynv6.net/Ae/emirates/info2022/STATU/dash/SF/Panel/Checkout/
104.168.214.87 200 OK 0 B URL HTTP/2 emiratespost.dynv6.net/Ae/emirates/info2022/STATU/dash/SF/Panel/Checkout/
IP 104.168.214.87:0
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - DynDNS domain (emiratespost.dynv6.net)
GET /Ae/emirates/info2022/STATU/dash/SF/Panel/Checkout/ HTTP/1.1
Host: emiratespost.dynv6.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 06:57:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=kbdos78l37tdk6t4l3rmhicgnu; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=b3lqOXZrMkk4WWc1UHRwUUhJdHZzQT09LS10dmhqcmducjNsMWszOGNOTC9MQnRRPT0%3D--de13995a426b9df684890d2b782b365a042edf7a&page_id=TUgwUzdFajZVTSszNG56bFNvU1FHdz09LS1mTmg2NllBSENqNG1BbEVGVWJUUWdRPT0%3D--b17ac0f8dcd25078de2cdc20a77d3bcd4a81a89e&funnel_step_id=UXFBbXE0VEhINjVTb3QvNEFxV29DUT09LS1WSjVYbjBFVC9sRVdIdlk0di9kZXF3PT0%3D--f445cc9822ab0d0515e750db952c38bc8c772e31&user_id=MDQ4dFNJU1hobnpMajZ4OHB2OG5xUT09LS1aUXQ1eUFpQktqSm9zeFVqT1UxSXRnPT0%3D--40c20b1310ee39e4bca1a22870b576908d7f0f90&account_id=WWV2cUozOXpDMnluNGVZK3FsRm1Sdz09LS1PZERkQlF0ZDNaQU43SnhFcy9qQnpBPT0%3D--39bfbc8b48fe5984e27eb6652e528fcfdc877cc2&page_code=NTc0NTI4MzQ%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=1696b38a-e1d4-4676-8fb0-83b6d0175f5a&url=https%3A%2F%2Fhpctzpfg.clickfunnels.com%2Foptin1670391977703
104.16.16.194 202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=b3lqOXZrMkk4WWc1UHRwUUhJdHZzQT09LS10dmhqcmducjNsMWszOGNOTC9MQnRRPT0%3D--de13995a426b9df684890d2b782b365a042edf7a&page_id=TUgwUzdFajZVTSszNG56bFNvU1FHdz09LS1mTmg2NllBSENqNG1BbEVGVWJUUWdRPT0%3D--b17ac0f8dcd25078de2cdc20a77d3bcd4a81a89e&funnel_step_id=UXFBbXE0VEhINjVTb3QvNEFxV29DUT09LS1WSjVYbjBFVC9sRVdIdlk0di9kZXF3PT0%3D--f445cc9822ab0d0515e750db952c38bc8c772e31&user_id=MDQ4dFNJU1hobnpMajZ4OHB2OG5xUT09LS1aUXQ1eUFpQktqSm9zeFVqT1UxSXRnPT0%3D--40c20b1310ee39e4bca1a22870b576908d7f0f90&account_id=WWV2cUozOXpDMnluNGVZK3FsRm1Sdz09LS1PZERkQlF0ZDNaQU43SnhFcy9qQnpBPT0%3D--39bfbc8b48fe5984e27eb6652e528fcfdc877cc2&page_code=NTc0NTI4MzQ%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=1696b38a-e1d4-4676-8fb0-83b6d0175f5a&url=https%3A%2F%2Fhpctzpfg.clickfunnels.com%2Foptin1670391977703
IP 104.16.16.194:0
GET /userevents/?funnel_id=b3lqOXZrMkk4WWc1UHRwUUhJdHZzQT09LS10dmhqcmducjNsMWszOGNOTC9MQnRRPT0%3D--de13995a426b9df684890d2b782b365a042edf7a&page_id=TUgwUzdFajZVTSszNG56bFNvU1FHdz09LS1mTmg2NllBSENqNG1BbEVGVWJUUWdRPT0%3D--b17ac0f8dcd25078de2cdc20a77d3bcd4a81a89e&funnel_step_id=UXFBbXE0VEhINjVTb3QvNEFxV29DUT09LS1WSjVYbjBFVC9sRVdIdlk0di9kZXF3PT0%3D--f445cc9822ab0d0515e750db952c38bc8c772e31&user_id=MDQ4dFNJU1hobnpMajZ4OHB2OG5xUT09LS1aUXQ1eUFpQktqSm9zeFVqT1UxSXRnPT0%3D--40c20b1310ee39e4bca1a22870b576908d7f0f90&account_id=WWV2cUozOXpDMnluNGVZK3FsRm1Sdz09LS1PZERkQlF0ZDNaQU43SnhFcy9qQnpBPT0%3D--39bfbc8b48fe5984e27eb6652e528fcfdc877cc2&page_code=NTc0NTI4MzQ%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=1696b38a-e1d4-4676-8fb0-83b6d0175f5a&url=https%3A%2F%2Fhpctzpfg.clickfunnels.com%2Foptin1670391977703 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hpctzpfg.clickfunnels.com
Connection: keep-alive
Referer: https://hpctzpfg.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 202 Accepted
date: Thu, 08 Dec 2022 06:57:44 GMT
content-type: text/html
cf-ray: 77639bcddbc6fab8-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 49c8e3b4c623735db968c50f217076ec
x-runtime: 0.040184
set-cookie: __cf_bm=5EAYlLH5ZaybjGXc74_.N029E.bCs4MmJqHhoJU6XBI-1670482664-0-AajnENhVqhbMOH7dOmERwXzNGsErmtTQU1jGqRViX37DslUQ7vYw2NxtozJ+6MRwEY/6PehA51Nkugv/YKr4IXj8ATWqUl8Psg/M1aKSiGEW; path=/; expires=Thu, 08-Dec-22 07:27:44 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.youtube.com/embed/cHsKzdyXDH0?html5=1
216.58.207.206 200 OK 0 B URL HTTP/2 www.youtube.com/embed/cHsKzdyXDH0?html5=1
IP 216.58.207.206:0
GET /embed/cHsKzdyXDH0?html5=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://playfmradio.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 06:57:51 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=FWWvG2TRiXg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=6RaPQvPHmto; Domain=.youtube.com; Expires=Tue, 06-Jun-2023 06:57:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+008; expires=Sat, 07-Dec-2024 06:57:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2