f-trk.widzewska.pl/ga/click/2-33559858-2212-16126-31975-17436-400b0cbb48-e8194bfe09
172.67.152.100 301 Moved Permanently 0 B URL HTTP/1.1 f-trk.widzewska.pl/ga/click/2-33559858-2212-16126-31975-17436-400b0cbb48-e8194bfe09
IP 172.67.152.100:0
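Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of an empty body, matching the 0 B response; they identify no content and should not be used as indicators.)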
Analyzer Verdict Alert fortinet Phishing
GET /ga/click/2-33559858-2212-16126-31975-17436-400b0cbb48-e8194bfe09 HTTP/1.1
Host: f-trk.widzewska.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 06:18:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 07:18:29 GMT
Location: https://f-trk.widzewska.pl/ga/click/2-33559858-2212-16126-31975-17436-400b0cbb48-e8194bfe09
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znXuPq1NrC6o3zo%2FoLKeAbsudWw5m2bnq2oOr7hHeZH2SQaageKFUUoegMnurDwxUg30DQ%2Bc8hpZ1%2BtbEb3pqg1H0vDQUjGM4aWpTpYHMGOeuKQEo9RrOzN225f3J7NIrXT9yyY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7465166d684a0b31-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 05:37:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AHXsDiz9MdmizujcxRYbchx6yXdY9wmd_WQ95rY_PCe7kOxzHFAMRA==
Age: 2430
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AgvuIKIC9uEQh4Op8OmNuinykajd1OKDICIkBg2CqYLgQS7mVrXjTg==
age: 18192
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3705
Expires: Tue, 06 Sep 2022 07:20:14 GMT
Date: Tue, 06 Sep 2022 06:18:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b750dbf0ecb765fc2f913f7800d8a180
2aeacd7bcec2a43cc79b4d8d1d81cc361060e277
c803dc81293f27615e93740230448288e8c6bc01b525525fff69ab2c409fdd3a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C803DC81293F27615E93740230448288E8C6BC01B525525FFF69AB2C409FDD3A"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19927
Expires: Tue, 06 Sep 2022 11:50:36 GMT
Date: Tue, 06 Sep 2022 06:18:29 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 06:18:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 05:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 06:35:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ABQ0ccCMc3mD7mORoxu28R_1_yYUXd1M2q7Yp5aoehUBu39k2b374Q==
Age: 2412
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5539
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:18:30 GMT
Last-Modified: Tue, 06 Sep 2022 04:46:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.157.130 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
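Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of an empty body, matching the 0 B response; they identify no content and should not be used as indicators.)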
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: foRC6BvHjpuPkqU//EmHMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qlba/dmrR5WEqlZ0qGhTcO/9bts=
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b750dbf0ecb765fc2f913f7800d8a180
2aeacd7bcec2a43cc79b4d8d1d81cc361060e277
c803dc81293f27615e93740230448288e8c6bc01b525525fff69ab2c409fdd3a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C803DC81293F27615E93740230448288E8C6BC01B525525FFF69AB2C409FDD3A"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19926
Expires: Tue, 06 Sep 2022 11:50:36 GMT
Date: Tue, 06 Sep 2022 06:18:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7650
Expires: Tue, 06 Sep 2022 08:26:01 GMT
Date: Tue, 06 Sep 2022 06:18:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7650
Expires: Tue, 06 Sep 2022 08:26:01 GMT
Date: Tue, 06 Sep 2022 06:18:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7650
Expires: Tue, 06 Sep 2022 08:26:01 GMT
Date: Tue, 06 Sep 2022 06:18:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7650
Expires: Tue, 06 Sep 2022 08:26:01 GMT
Date: Tue, 06 Sep 2022 06:18:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fba6ee2bc4b89cbba972478520565d2
204faf6513d9145bc8412b8b6bcedd7c70a1ba2c
9a2b97e196232b9ee8d36045ec97bb7d573609f1ae18c56cb158c7c1ab2ed9a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8146
x-amzn-requestid: 41398033-67f0-4a17-863d-db69747514ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYIYG8GoAMFhWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d68-09abc90f73f3cc2a1a629840;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iocOBWse_L_nfOvUKE11ocxHZxLEgcjWV_CIbvAjAxt9IEl0eoTKjg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:32:33 GMT
etag: "204faf6513d9145bc8412b8b6bcedd7c70a1ba2c"
content-type: image/jpeg
age: 27958
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78f3c06-9254-405a-8dbf-2fa65b66376b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78f3c06-9254-405a-8dbf-2fa65b66376b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 022be15c9cc450f4af703fe8b9fcc702
82342473945f187bbf9b4455c440a01f9269c12b
df07001b8e2b79632e1a3100d957a215fcec7550a9802df87d6d3bee42c14696
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78f3c06-9254-405a-8dbf-2fa65b66376b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8322
x-amzn-requestid: 41a96288-8c1d-4f24-b33b-87d82c5a026f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfvELHoAMFqjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-3298d1a17d6a480e6558f814;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Fgfyi07cvDw1iUpod2scAJvEucVHroM6f7V26E1tiTh2QGXaOOcwKg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:01 GMT
age: 29910
etag: "82342473945f187bbf9b4455c440a01f9269c12b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 30769
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9d13dec6194417882e71afdc1bd9b9a
156bafa4c7c089cf26639feacc9a25db6ef3870e
7e4f2932cd41776d120ac1e14b322c3b94c07449adc7904f222f46ed35570fd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31f372dd-03b1-4e12-91bc-08ff7d47b9ff.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: 97f3ea4d-135f-4e76-a2db-05bad96e01eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHMdIAMFbXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1a8b9af405cd8e6b1e3c0e1d;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wjawu8nRjwWvl-Eldm4No6GY6gKO-PFbJNkv9FkpOCSDW14Mfx67Sg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:16 GMT
etag: "156bafa4c7c089cf26639feacc9a25db6ef3870e"
content-type: image/jpeg
age: 29775
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
f-trk.widzewska.pl/ga/click/2-33559858-2212-16126-31975-17436-400b0cbb48-e8194bfe09
104.21.32.144 302 Found 7.2 kB URL HTTP/2 f-trk.widzewska.pl/ga/click/2-33559858-2212-16126-31975-17436-400b0cbb48-e8194bfe09
IP 104.21.32.144:0
Hash 409644c44dd54c50c2e56aa2cfc32197
623d55ef9b0f1c76eab9d9238d213529c0726360
d2b8cd20d34e26d896d34947b31a4f5287b4c16f4fab6db366c15ab873b94b12
Analyzer Verdict Alert fortinet Phishing
GET /ga/click/2-33559858-2212-16126-31975-17436-400b0cbb48-e8194bfe09 HTTP/1.1
Host: f-trk.widzewska.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 06 Sep 2022 06:18:30 GMT
content-type: text/html; charset=utf-8
location: https://mars.monocronia.com/nSnT_xQ?vyU_Wt=a4JwmG1qcWKclbJyl3JpaIN8YKCDomZlZp-ZYsBxj2pha2NfgaA/gerald.hamerston%40britishmarine.com&s3=&s4=
status: 302 Found
x-rack-cache: miss
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-request-id: 466c4ecfe70f762c33da1c303d01b691
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.018302
expires: Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by: Phusion Passenger 6.0.4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il0BiR3J5SnRyaeypMDOYfXxbImJETFwECsxRs4DVJhjCErJsws454a1zf1MsJk4TziYpjL2aeW%2FSB1opt4oKMLj6JlJCzaKVQqGVL9J7VpETjvCB7za9s507KopGEc%2FVk1VkwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7465166f99c30b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bf0314072a1c7cc981f0640ee708c25
47109d3c10438ee4a598d60e43c6f92645eaf0c9
31cc505951d7d9ced676d6b4c600e986bdd835e44ff67a65d1138552291abcbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7677
x-amzn-requestid: 5e9a9884-808b-4b77-bb9c-677eb6aca395
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWt_EFloAMF0tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b26-68ed4e6e43d334694c6e63df;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 69RYoY1_mVSXmvKksTX3e9697y4nHeJ5aW4jXnmuCk0-Y5-74SBu7g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:01 GMT
age: 29910
etag: "47109d3c10438ee4a598d60e43c6f92645eaf0c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (27303)
Hash fb68fcb5e0519fb76559c9ab267f8f3f
b96c07f9ef44dbecb4ec4d1cb4a0b30a210f9825
8d0f29c4b3a8b511e6a46bc29ab3d96566fb244fdca5003156c04ea6b65cdd71
GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:18:32 GMT
content-type: text/css; charset=utf-8
content-length: 4972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-6b4a"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7730707
expires: Sun, 27 Aug 2023 06:18:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgnVkN%2BXJa0vRQPId%2BTmAoYLHwleDNxaTPrTHtixXGkvKvWzqsYRHmNZXd6n%2BSd0fBeUIG47QokeQvXWtgRbv7UPSK0fJxwuAxQaWEZ1JAYA%2FMcEY6r9NjD1AIEu%2FZvyN2VVkytm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7465167f1870b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
104.18.19.183 200 OK 695 B URL HTTP/2 cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
IP 104.18.19.183:0
File type ASCII text, with very long lines (1336), with no line terminators
Hash d7d41cd083dc3fb3f21fd97e9b6a860b
d323d9f0ed9af3bf751d0cf960a9202181975091
8ae1562a56317b63473e8ee5307e99428b74b471c021bad88ceb4502faca4dcb
GET /sdk/1.1/wonderpush-loader.min.js HTTP/1.1
Host: cdn.by.wonderpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:18:32 GMT
content-type: application/javascript
content-length: 695
last-modified: Wed, 31 Aug 2022 13:11:43 GMT
cache-control: public,max-age=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 86400
etag: "d7d41cd083dc3fb3f21fd97e9b6a860bed6e"
x-cache: Miss from cloudfront
via: 1.1 1be9b204bafba40c329df0fd4961700e.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: Z1ioc8MGNBHBI53VUaMb1T6l-oAHkkOyE66c-SjXwRxNJ9SOtRs_eQ==
cf-cache-status: HIT
age: 61560
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7465167f5d19b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6ee717445442d2dd4cf8373873674ad
e31513c926f970d8f62b97fc7bc5c265bccec296
cadba5fa60340e4898328656904e3941d8168e1bd4c97f6fcfffefdb4de2101e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADBA5FA60340E4898328656904E3941D8168E1BD4C97F6FCFFFEFDB4DE2101E"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9073
Expires: Tue, 06 Sep 2022 08:49:45 GMT
Date: Tue, 06 Sep 2022 06:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6ee717445442d2dd4cf8373873674ad
e31513c926f970d8f62b97fc7bc5c265bccec296
cadba5fa60340e4898328656904e3941d8168e1bd4c97f6fcfffefdb4de2101e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADBA5FA60340E4898328656904E3941D8168E1BD4C97F6FCFFFEFDB4DE2101E"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9073
Expires: Tue, 06 Sep 2022 08:49:45 GMT
Date: Tue, 06 Sep 2022 06:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6ee717445442d2dd4cf8373873674ad
e31513c926f970d8f62b97fc7bc5c265bccec296
cadba5fa60340e4898328656904e3941d8168e1bd4c97f6fcfffefdb4de2101e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADBA5FA60340E4898328656904E3941D8168E1BD4C97F6FCFFFEFDB4DE2101E"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9185
Expires: Tue, 06 Sep 2022 08:51:37 GMT
Date: Tue, 06 Sep 2022 06:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6ee717445442d2dd4cf8373873674ad
e31513c926f970d8f62b97fc7bc5c265bccec296
cadba5fa60340e4898328656904e3941d8168e1bd4c97f6fcfffefdb4de2101e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADBA5FA60340E4898328656904E3941D8168E1BD4C97F6FCFFFEFDB4DE2101E"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Sep 2022 12:18:32 GMT
Date: Tue, 06 Sep 2022 06:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6ee717445442d2dd4cf8373873674ad
e31513c926f970d8f62b97fc7bc5c265bccec296
cadba5fa60340e4898328656904e3941d8168e1bd4c97f6fcfffefdb4de2101e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADBA5FA60340E4898328656904E3941D8168E1BD4C97F6FCFFFEFDB4DE2101E"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Tue, 06 Sep 2022 12:18:14 GMT
Date: Tue, 06 Sep 2022 06:18:32 GMT
Connection: keep-alive
roadssign.com/eml/PL-TT-Fedex-Julys222/js/jquery.min.js
97.107.133.178 200 OK 87 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/js/jquery.min.js
IP 97.107.133.178:0
File type ASCII text, with very long lines (65451)
Hash 4b57cf46dc8cb95c4cca54afc85e9540
05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
GET /eml/PL-TT-Fedex-Julys222/js/jquery.min.js HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:44 GMT
ETag: "1538e-5e49b9dee56d5"
Accept-Ranges: bytes
Content-Length: 86926
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/js/bootstrap.min.js
97.107.133.178 200 OK 37 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/js/bootstrap.min.js
IP 97.107.133.178:0
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /eml/PL-TT-Fedex-Julys222/js/bootstrap.min.js HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:43 GMT
ETag: "90b5-5e49b9de7cefc"
Accept-Ranges: bytes
Content-Length: 37045
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/css/custom.css
97.107.133.178 200 OK 47 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/css/custom.css
IP 97.107.133.178:0
File type ASCII text, with CRLF line terminators
Hash 5bb859ecf05ddd390e2638eabf5bc1b7
00122786abc2ff857a3c46a14d94dc730cd08eb2
fbe38548fc848073818c5f0bdb17641ad9c0bbe84d4ca0f5f048f34bf11e595f
GET /eml/PL-TT-Fedex-Julys222/css/custom.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:12 GMT
ETag: "b940-5e49b9c063433"
Accept-Ranges: bytes
Content-Length: 47424
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:18:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:18:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;1,100;1,200;1,300&display=swap
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;1,100;1,200;1,300&display=swap
IP 142.250.74.10:0
Hash e167f67e1353c0b52a9befd7bbcfe62e
4aee538dfa8b78a16f1bd9fb1d170c534d510243
edb55eb12443c27c5a3e2ef0043b2ba430f4aeb70a33a93cdaaf1b66619b80a8
GET /css2?family=Poppins:ital,wght@0,200;0,300;0,400;1,100;1,200;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roadssign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 06:18:32 GMT
date: Tue, 06 Sep 2022 06:18:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roadssign.com/eml/PL-TT-Fedex-Julys222/css/bootstrap.min.css
97.107.133.178 200 OK 44 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/css/bootstrap.min.css
IP 97.107.133.178:0
File type ASCII text, with CRLF line terminators
Hash afab5504906f2fb512511ca094e0d5ed
f983c79cce4d35e9e4f9ba03f6f8fbc12c61965d
61fc2c1211768e7c43c5293951e506aea265c8ca6e8d0142da37ddfd814b7298
GET /eml/PL-TT-Fedex-Julys222/css/bootstrap.min.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:12 GMT
ETag: "abb5-5e49b9c0614f3"
Accept-Ranges: bytes
Content-Length: 43957
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:18:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:18:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mars.monocronia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:32:09 GMT
expires: Thu, 31 Aug 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 470784
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
142.250.74.163 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mars.monocronia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:37:45 GMT
expires: Thu, 31 Aug 2023 19:37:45 GMT
cache-control: public, max-age=31536000
age: 470448
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:18:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
roadssign.com/eml/PL-TT-Fedex-Julys222/img/3.png
97.107.133.178 200 OK 2.7 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/3.png
IP 97.107.133.178:0
File type PNG image data, 128 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash 033f4207051289fe2e2411580d666b8c
9180e04e5b431c686c339e16fb99e8a60ac01d2d
cd339d543f8022a6604228c8e3437e4ccc4efe6d9a78681233edba340b95969e
GET /eml/PL-TT-Fedex-Julys222/img/3.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:21 GMT
ETag: "a67-5e49b9c95aa1c"
Accept-Ranges: bytes
Content-Length: 2663
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/1.png
97.107.133.178 200 OK 3.3 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/1.png
IP 97.107.133.178:0
File type PNG image data, 128 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash e6c3ef60d60b65c0ed6c4e7e2a67ae3b
e6bf23bad6b94121afc9ce3ff2cfde7a2c2bf301
f1308c3ad970ccae3599ea3791b2c70c12335ecfe6bfde2e2e2ecb98d5efc547
GET /eml/PL-TT-Fedex-Julys222/img/1.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:20 GMT
ETag: "ce3-5e49b9c86313e"
Accept-Ranges: bytes
Content-Length: 3299
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/pl.jpg
97.107.133.178 200 OK 65 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/pl.jpg
IP 97.107.133.178:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x350, components 3\012- data
Hash 3058434996adb1f585f5b69b9eb5e3e8
b8d1746eb08dc89dc745547c14f426fe2fd75b82
973daceaa97c107d950e3a5484b438d3f988236878b3506d0afdd76b46886d44
GET /eml/PL-TT-Fedex-Julys222/img/pl.jpg HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:52:39 GMT
ETag: "fe09-5e49ba13cbaaf"
Accept-Ranges: bytes
Content-Length: 65033
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/logo.png
97.107.133.178 200 OK 18 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/logo.png
IP 97.107.133.178:0
File type PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash f9f3a4bf508eec8270bf7c8fe4397384
8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16
99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
GET /eml/PL-TT-Fedex-Julys222/img/logo.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:33 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:33 GMT
ETag: "462c-5e49b9d4ae3d2"
Accept-Ranges: bytes
Content-Length: 17964
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/loader.gif
97.107.133.178 200 OK 252 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/loader.gif
IP 97.107.133.178:0
File type GIF image data, version 89a, 250 x 255\012- data
Size 252 kB (251954 bytes)
Hash 5635e3ecf85bb55f82b54aef3b8e3399
4247118fbcd9ba3f1078d33baf4c8c85056e1ba7
5c4371c196b57bf10563225aedb0572c04f56ae6498d12185f89efc38241be21
GET /eml/PL-TT-Fedex-Julys222/img/loader.gif HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:31 GMT
ETag: "3d832-5e49b9d2f0b0b"
Accept-Ranges: bytes
Content-Length: 251954
Content-Type: image/gif
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/scl.png
97.107.133.178 200 OK 2.9 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/scl.png
IP 97.107.133.178:0
File type PNG image data, 294 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash 772eae5472a79dfe3221cfbb20df7308
b53cc972fb004918e421a9f681568057f574af25
56c7c540e0939ba930de570f1e66c755bf4a220d297af85145befbd71fc20a8a
GET /eml/PL-TT-Fedex-Julys222/img/scl.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:33 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:35 GMT
ETag: "b72-5e49b9d6daa02"
Accept-Ranges: bytes
Content-Length: 2930
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/last.jpg
97.107.133.178 200 OK 60 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/last.jpg
IP 97.107.133.178:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Adobe Photoshop CC 2019 (Windows), datetime=2019:02:27 17:05:03], baseline, precision 8, 727x485, components 3\012- data
Hash 5a98a4a8ec979f87a401a41235d0e7b3
0dbbfbda0cdc92e87d2a57ac5f969c212b661984
d3c713646e90fdf69931ec50c650f78b3e36946b1a575e7ae9c846a5cea19a3b
GET /eml/PL-TT-Fedex-Julys222/img/last.jpg HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:32 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:30 GMT
ETag: "eb11-5e49b9d223209"
Accept-Ranges: bytes
Content-Length: 60177
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/2.png
97.107.133.178 200 OK 3.4 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/2.png
IP 97.107.133.178:0
File type PNG image data, 128 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash b4542269430db91066cf942a5c671389
6d4147dd709877cabdd13c133e911f0dfc863df4
d948a2fe7766724a00ead1aa837dc4b03772858a756cbd6f9ad6a649130687b9
GET /eml/PL-TT-Fedex-Julys222/img/2.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:33 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:20 GMT
ETag: "d2d-5e49b9c7cf219"
Accept-Ranges: bytes
Content-Length: 3373
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
roadssign.com/eml/PL-TT-Fedex-Julys222/img/box.jpg
97.107.133.178 200 OK 58 kB URL HTTP/1.1 roadssign.com/eml/PL-TT-Fedex-Julys222/img/box.jpg
IP 97.107.133.178:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Macintosh), datetime=2015:07:08 13:33:50], baseline, precision 8, 312x246, components 3\012- data
Hash 76b511d4a0c7b6a77f28d0c12f465ece
712d13c804bd9588817531a334f02900bd440a8c
cebe44eeb094fd2237b7651f29b62e28a571c2036186e672fa97c3475ff96b37
GET /eml/PL-TT-Fedex-Julys222/img/box.jpg HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:33 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 25 Jul 2022 06:51:26 GMT
ETag: "e1cf-5e49b9cde62f8"
Accept-Ranges: bytes
Content-Length: 57807
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 1455c650b3ee3b58f427eaa875c159d6
d54efdbc34bf165d6107edf776bb88cc6fddce50
83c98baa5c56ebb5ebadcebf21b7b4ea71dffc2f48f885f92791188e627393a8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 00:18:32 GMT
Expires: Mon, 12 Sep 2022 00:18:31 GMT
Etag: "d54efdbc34bf165d6107edf776bb88cc6fddce50"
Cache-Control: max-age=496194,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746516971983b506-OSL
app.sportsbetsnow.com/wonderpush.min.html
139.59.132.145 200 OK 594 B URL HTTP/1.1 app.sportsbetsnow.com/wonderpush.min.html
IP 139.59.132.145:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6ae553d5c039ef390f36e852d0b902fd
5c2375fec4571f3a46650595ccf15f01d8fc47d7
218893b02d5b5276f0a1789f8adf50971a2c12f7d7b61f730f0419f520a86d46
GET /wonderpush.min.html HTTP/1.1
Host: app.sportsbetsnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 06:18:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.14
Last-Modified: Fri, 27 Mar 2020 05:50:23 GMT
ETag: "252-5a1cfad6605c0"
Accept-Ranges: bytes
Content-Length: 594
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/s/gts1d4/ja-fpm3mQio
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ja-fpm3mQio
IP 142.250.74.3:0
Hash 49a724b9d49289ca166a05e8f8014a43
348f5ee4039f56906f0b216a279be0275b5b1534
07812eb25f7c8578b0a973147327f11780d8b5ad953b4f7fea525e1ad09f56da
POST /s/gts1d4/ja-fpm3mQio HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 06:18:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
measurements-api.wonderpush.com/v1/events
216.239.32.21 202 Accepted 93 B URL HTTP/2 measurements-api.wonderpush.com/v1/events
IP 216.239.32.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c49dc9624ea33e500fdcd79adcbf8626
6d4a7e84b000640583e0e76b553f3f9224ecf346
e58bf0d46edf2081400832c416791bf2c40c491e071861f54771f6ef1284f615
POST /v1/events HTTP/1.1
Host: measurements-api.wonderpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 579
Origin: https://app.sportsbetsnow.com
Connection: keep-alive
Referer: https://app.sportsbetsnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://app.sportsbetsnow.com
x-cloud-trace-context: 7274c80743321f3fb435970846cb78c7
date: Tue, 06 Sep 2022 06:18:36 GMT
server: Google Frontend
content-length: 93
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
IP 142.250.74.10:0
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roadssign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 06:18:32 GMT
date: Tue, 06 Sep 2022 06:18:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mars.monocronia.com/nSnT_xQ?vyU_Wt=a4JwmG1qcWKclbJyl3JpaIN8YKCDomZlZp-ZYsBxj2pha2NfgaA/gerald.hamerston%40britishmarine.com&s3=&s4=
104.21.90.68 200 OK 0 B URL HTTP/2 mars.monocronia.com/nSnT_xQ?vyU_Wt=a4JwmG1qcWKclbJyl3JpaIN8YKCDomZlZp-ZYsBxj2pha2NfgaA/gerald.hamerston%40britishmarine.com&s3=&s4=
IP 104.21.90.68:0
GET /nSnT_xQ?vyU_Wt=a4JwmG1qcWKclbJyl3JpaIN8YKCDomZlZp-ZYsBxj2pha2NfgaA/gerald.hamerston%40britishmarine.com&s3=&s4= HTTP/1.1
Host: mars.monocronia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:18:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.14
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsT%2B25d0HSn%2B3IlIUVdPTWdEophVpIh8T%2BsF%2Fm75jveuqOFMEgmiNZJRpRNihefeAECnY3cyEdvjI4w0z5LpoqPxK0OE9K274PNJNcDQyd8vMoKbtDmY4%2FAd0DOXZtR9DCuAqEgV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74651676fb0db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.geojs.io/v1/ip/geo.json
172.67.70.233 200 OK 0 B URL HTTP/2 get.geojs.io/v1/ip/geo.json
IP 172.67.70.233:0
GET /v1/ip/geo.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mars.monocronia.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 06:18:36 GMT
content-type: application/json
x-request-id: 486465da41ea191fca4966e16c4045c1-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQIJ87D1x0gqVGprLd1BrEiaQmbcULMzp5LVGJnG115mTh8OGp%2FPNtaohTTeQM7xm4zHSto0rRWHiF4aWH7SUgl%2BKOVyZZbMQoe8VKIcdfvZpFKhJ36rIW8XqwbDQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7465169a1a2e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2