r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6414
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 22:25:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:03 GMT
Last-Modified: Sat, 26 Nov 2022 21:29:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 22:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 450
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7335
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 22:25:03 GMT
Connection: keep-alive
jobs.vrdgov.org/
51.195.157.25 200 OK 6.4 kB IP 51.195.157.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Hash 7b552d20e387cd42d03851cdef3506c2
1eefd03282bf529b6abaea3266f7d4690064660c
4e402ea1ec6d179f5b4b50f773dc0176ba46066005a49bc359cee246d0cac311
GET / HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6404
Connection: keep-alive
X-Powered-By: PHP/7.4.32
Link: <http://jobs.vrdgov.org/wp-json/>; rel="https://api.w.org/", <http://jobs.vrdgov.org/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json", <http://jobs.vrdgov.org/>; rel=shortlink
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Xi0yQfO5V2Mx58yrfIjsvdOYWKZY/m+NfpjnRi4v2WLPAXcIGwNRHaw/lMTU781j300q9wMZEOI=
x-amz-request-id: HCHZJDVZ6JJVQDAQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 21:41:22 GMT
age: 2621
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:25:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jobs.vrdgov.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
51.195.157.25 200 OK 16 kB URL HTTP/1.1 jobs.vrdgov.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (47826)
Hash 96c22528091b782abd39cef4c9749e52
fa8eef2e605ccb20adce4ea4faffb4442b7133e7
d2b99764aef94d6ac8450097e100a213ea3b7470cad3a940fcc631c1f21b94b1
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Wed, 23 Nov 2022 01:41:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637d7a45-172a9"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/job-manager-career/assets/css/thjmf-public.css?ver=6.1.1
51.195.157.25 200 OK 2.8 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/job-manager-career/assets/css/thjmf-public.css?ver=6.1.1
IP 51.195.157.25:0
Hash 66eb3cba03f92e35e7680617e72a2d19
9eb876e6363809dc470fe07b333e319ec676992c
5684bc06b7db587d4ed9621320da994c2926affbec651d8d8f1c34ea88c7e8fc
GET /wp-content/plugins/job-manager-career/assets/css/thjmf-public.css?ver=6.1.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Mar 2022 01:08:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e679e-30eb"
Content-Encoding: gzip
jobs.vrdgov.org/wp-includes/css/classic-themes.min.css?ver=1
51.195.157.25 200 OK 189 B URL HTTP/1.1 jobs.vrdgov.org/wp-includes/css/classic-themes.min.css?ver=1
IP 51.195.157.25:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Content-Length: 189
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Nov 2022 08:42:45 GMT
ETag: "d9-5ec78d312ab40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0
51.195.157.25 200 OK 3.2 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0
IP 51.195.157.25:0
File type ASCII text, with very long lines (15346), with no line terminators
Hash 0d7c33890951d1171022aa41a1f6f322
4ffc7769ea39bc7f5395952fa1e9c32e18e1d67b
0649f7942439d70b07178f7028a9231cb3e6eb210a1f2f6704d10c5b3987dbeb
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Mar 2022 00:57:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e64e0-3bf2"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/themes/hello-elementor/style.min.css?ver=2.5.0
51.195.157.25 200 OK 2.0 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/themes/hello-elementor/style.min.css?ver=2.5.0
IP 51.195.157.25:0
File type ASCII text, with very long lines (5839), with no line terminators
Hash 0193f98c54dfd0a54a56e14170173be7
cf15290b85e32e18b0727c3e4e96255e0a8b69a0
581d89ff40f546ab4531e6854f778bfdb797abc9d74c650bb85fedf2e1e7647e
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.5.0 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Mar 2022 00:57:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e64e0-16cf"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1
51.195.157.25 200 OK 18 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (65497)
Hash 94d27a8909b25307dcd224d90749e147
d31519f72dce2c01741f8c9bf714953cd2b88e4d
d960cf8c3d6809be15586209c713fcd5450268243e3daf3212e12537e23c16b9
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Mar 2022 01:03:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e6661-1a564"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/uploads/elementor/css/post-5.css?ver=1648256650
51.195.157.25 200 OK 391 B URL HTTP/1.1 jobs.vrdgov.org/wp-content/uploads/elementor/css/post-5.css?ver=1648256650
IP 51.195.157.25:0
File type ASCII text, with very long lines (1166), with no line terminators
Hash 2bb5b99ab857698d4bbf1282f123ef48
2c2a292605fb2cbb7d518a904704faaabb9def0e
2d3e140daf0dc26c7520119f4dde07e5529bb2f553ea475d34ad3b5b032551e0
GET /wp-content/uploads/elementor/css/post-5.css?ver=1648256650 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Mar 2022 01:04:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e668a-48e"
Content-Encoding: gzip
jobs.vrdgov.org/wp-includes/css/dashicons.min.css?ver=6.1.1
51.195.157.25 200 OK 37 kB URL HTTP/1.1 jobs.vrdgov.org/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (58981)
Hash 09d132ca24170faac3b1afe1507abefa
1668f2b9b9343b859d4163992728417a8a3b9c82
a4c7898050d2bdf0254d86d500fed008411d679729910ab335e8fd73d20f10ee
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Thu, 04 Mar 2021 07:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6040904e-e688"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
51.195.157.25 200 OK 4.3 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 51.195.157.25:0
File type ASCII text, with very long lines (19082)
Hash cf8c246966be8c5889a1137b7f6726c4
f4e4146f07ad0d714c71a15b7a04131cc8b9b864
0b635a404ff1db57468f72b00baa293a9cce2dcaefa302c5fec7cac8054e59f4
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Mar 2022 01:03:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e6661-4ab8"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/uploads/elementor/css/post-17.css?ver=1648260083
51.195.157.25 200 OK 290 B URL HTTP/1.1 jobs.vrdgov.org/wp-content/uploads/elementor/css/post-17.css?ver=1648260083
IP 51.195.157.25:0
File type ASCII text, with very long lines (809), with no line terminators
Hash 976f1bc59cc05a1a7eb1e4538bcdd1e9
26bc370f789875d3699964a8bd54fceebd1e736d
7f15ec907267200aeb885e5d0e76b1ccb5bf348e60a417f0debcd18f7ce5fd87
GET /wp-content/uploads/elementor/css/post-17.css?ver=1648260083 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Content-Length: 290
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sat, 26 Mar 2022 02:01:23 GMT
ETag: "329-5db1574bea2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/uploads/elementor/css/global.css?ver=1648256944
51.195.157.25 200 OK 1.1 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/uploads/elementor/css/global.css?ver=1648256944
IP 51.195.157.25:0
File type ASCII text, with very long lines (6697)
Hash d77917dc97e36f756dc34b6130855909
7a9331c937f7a0bb7d93af5781c8faa9a57f3d7d
cb393f1d8d857f31104bc15e3203dc0d7e1caa604980fd201fbe84d669eb996a
GET /wp-content/uploads/elementor/css/global.css?ver=1648256944 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Mar 2022 01:09:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e67b0-2503"
Content-Encoding: gzip
jobs.vrdgov.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
51.195.157.25 200 OK 36 kB URL HTTP/1.1 jobs.vrdgov.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (65447)
Hash 3799a6be94d7facfc78f066e18773e22
5d97b0e2565712331b1d73be1581159bf282cd4f
e208eb0b972a9d1bdd741669ae120b4555f33ea138d69d012f99de9aaec1c9be
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Nov 2022 08:42:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63622d86-15e54"
Content-Encoding: gzip
jobs.vrdgov.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
51.195.157.25 200 OK 4.6 kB URL HTTP/1.1 jobs.vrdgov.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 51.195.157.25:0
File type ASCII text, with very long lines (11126)
Hash 413654fdfa9b24fbd3d747482e3971c9
c23c501d5f668cd83443a4847197717536d55ab8
48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Nov 2020 19:36:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb577a6-2bd8"
Content-Encoding: gzip
jobs.vrdgov.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
51.195.157.25 200 OK 5.8 kB URL HTTP/1.1 jobs.vrdgov.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (15660)
Hash 9821563af79d0fbd798c5a96f11cb775
d7ad769f21b6cdbd3602ba2512449e5febe7a2ee
3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 May 2022 07:51:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"628de018-48b9"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/job-manager-career/assets/js/thjmf-public.js?ver=1.2.3
51.195.157.25 200 OK 2.3 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/job-manager-career/assets/js/thjmf-public.js?ver=1.2.3
IP 51.195.157.25:0
Hash 52d5462e210d7080e1ae7d5d82adcf30
6dcb6ae9f3bb6508b4940286294b37ff2ac5ce8b
7a16b410fc71cc5756f5326cf8c3a6f66ef5eb91bf7a51c62000ce4e25332209
GET /wp-content/plugins/job-manager-career/assets/js/thjmf-public.js?ver=1.2.3 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Mar 2022 01:08:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e679e-1cd7"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
51.195.157.25 200 OK 1.1 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 51.195.157.25:0
File type ASCII text, with very long lines (3113), with no line terminators
Hash f893ec1241d4ef05e246321e20f9cbea
50ff5df52e12efd0f538995bd889f509b32ee834
1e5f20d6ac141e8bf0075a947931b4ef0f08912240dbe691bf0024d41f2f672e
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Mar 2022 00:57:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e64e0-c29"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1
51.195.157.25 200 OK 2.3 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (4921)
Hash 0c803c26f9e807be24242548648a09c5
0bb648ea5fbcbdf51d158135377a15abd39ba6e6
631b3e766640a12f6164fac0e156ceaa492b05943ff27771a6027f0decc85400
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Mar 2022 01:03:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e6661-1360"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1
51.195.157.25 200 OK 5.2 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (14238)
Hash 272f8f16e9a1638027ed2c71ddd8e487
b354ed69da8061203259c19c5c9f6beb8bbda39b
ea567a9d862d8d4bf94d64c54fb98b42708356791216aa690ff9c90a398cca97
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Mar 2022 01:03:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e6661-37c5"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1
51.195.157.25 200 OK 13 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1
IP 51.195.157.25:0
File type ASCII text, with very long lines (37635)
Hash 1dd59e01cda63dfc496443fd8a1eb193
9db7a0f9b7f59507fcd075373311896f79e32244
cd834603a676c3da47cd367d6eb7cc5b752889cb8d7862c7d97e06d875113260
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Mar 2022 01:03:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e6661-932a"
Content-Encoding: gzip
jobs.vrdgov.org/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
51.195.157.25 200 OK 3.5 kB URL HTTP/1.1 jobs.vrdgov.org/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 51.195.157.25:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 8c1ca6b24af69ff630ef1da1cedbcce7
fabaafb776f0cf50e4b92fc5f3e7034ccf2ca2a1
b7d614392646cb9c6aa0422ee043ca3247d07fab2448461112fdf35d63298cbb
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Mar 2022 01:03:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"623e6661-2fa6"
Content-Encoding: gzip
jobs.vrdgov.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
51.195.157.25 200 OK 7.9 kB URL HTTP/1.1 jobs.vrdgov.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 51.195.157.25:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 97562111f693d92330fc637e50edc46b
691d06e15c485ebabb048d838651e31af642141d
331a163bf4b3f5e9c3be6c6fbb4f31dd7697610e2cd585ac2efe654c77832172
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Nov 2022 08:42:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63622d86-53c0"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 289051
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 269455
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 271874
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jobs.vrdgov.org/wp-content/uploads/2022/03/verdisbg.webp
51.195.157.25 200 OK 1.4 MB URL HTTP/1.1 jobs.vrdgov.org/wp-content/uploads/2022/03/verdisbg.webp
IP 51.195.157.25:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2018x1220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 1.4 MB (1430928 bytes)
Hash 154ed5d356db047230e1a635c6e18c88
4f42a2f997d5a6355155ece195e3e189abff455d
713c0546a6c26b2bf3f64553cc10cecadbc8026ca28dfa65d645799f2759b56a
GET /wp-content/uploads/2022/03/verdisbg.webp HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/wp-content/uploads/elementor/css/post-17.css?ver=1648260083
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:03 GMT
Content-Type: image/webp
Content-Length: 1430928
Last-Modified: Sat, 26 Mar 2022 01:14:44 GMT
Connection: keep-alive
ETag: "623e6904-15d590"
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 22:11:12 GMT
cache-control: public,max-age=3600
age: 832
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5981
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:04 GMT
Last-Modified: Sat, 26 Nov 2022 20:45:23 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
apiujquery.com/ajax/libs/jquery/3.5.1/jquery-3.11.0.min.js?i=http://jobs.vrdgov.org/&r2=6f11ad249200b83fb9c5c9229a8b936c
185.215.113.5 200 OK 6.4 kB URL HTTP/1.1 apiujquery.com/ajax/libs/jquery/3.5.1/jquery-3.11.0.min.js?i=http://jobs.vrdgov.org/&r2=6f11ad249200b83fb9c5c9229a8b936c
IP 185.215.113.5:0
ASN #51381 1337team Limited
File type ASCII text, with very long lines (6403), with no line terminators
Hash 8d57c3dd6cf07286b3f176fdb3b8f3f4
d8e12e4dd1fe2c97ca36104814c9a472f6d1437f
c8877452777a98d51eb80fbd0dde3660530d9a43ea65661a2ad0a7cc16bf980a
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/jquery/3.5.1/jquery-3.11.0.min.js?i=http://jobs.vrdgov.org/&r2=6f11ad249200b83fb9c5c9229a8b936c HTTP/1.1
Host: apiujquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:04 GMT
Content-Type: application/javascript
Content-Length: 6403
Last-Modified: Sat, 15 Oct 2022 18:33:42 GMT
Connection: keep-alive
ETag: "634afd06-1903"
Accept-Ranges: bytes
jobs.vrdgov.org/favicon.ico
51.195.157.25 302 Found 0 B URL HTTP/1.1 jobs.vrdgov.org/favicon.ico
IP 51.195.157.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 26 Nov 2022 22:25:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/7.4.32
Link: <http://jobs.vrdgov.org/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://jobs.vrdgov.org/wp-includes/images/w-logo-blue-white-bg.png
Vary: User-Agent
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddbb4a290ed0a5b9d7b578a8c8ce3e41
218dd68b9ffbbe95317ea28ac23f3dc240397ab7
d7d452a8538a831ed2a0a417dfc60f7794361b3ddcb26f2c037d56d5608a1c8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7D452A8538A831ED2A0A417DFC60F7794361B3DDCB26F2C037D56D5608A1C8C"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15584
Expires: Sun, 27 Nov 2022 02:44:48 GMT
Date: Sat, 26 Nov 2022 22:25:04 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.219.22 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.219.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7qGZsBEMTcDC3zIMwyAaGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f62NT8ruavb3aVCHz4LCDJb7hWk=
jobs.vrdgov.org/wp-includes/images/w-logo-blue-white-bg.png
51.195.157.25 200 OK 4.1 kB URL HTTP/1.1 jobs.vrdgov.org/wp-includes/images/w-logo-blue-white-bg.png
IP 51.195.157.25:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: jobs.vrdgov.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://jobs.vrdgov.org/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:25:04 GMT
Content-Type: image/png
Content-Length: 4119
Last-Modified: Tue, 16 Nov 2021 10:34:02 GMT
Connection: keep-alive
ETag: "6193891a-1017"
Accept-Ranges: bytes
e3d5e80fdb.8659c84895.com/eecac4af0b33c918bd2ed3510a0e46ed.js
45.133.44.25 200 OK 35 kB URL HTTP/2 e3d5e80fdb.8659c84895.com/eecac4af0b33c918bd2ed3510a0e46ed.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash b4519fbf3f63a66c4077f727a82f78e1
d3a678d22307f755be13d38ed8a9942f957faf56
58f6e7e62029cc1cd7b661ca3b694a1bdcf15f489122ab4edf22ece05093ff4b
Analyzer Verdict Alert quad9 Sinkholed
GET /eecac4af0b33c918bd2ed3510a0e46ed.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:30:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.24 200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sat, 26 Nov 2022 22:30:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
e3d5e80fdb.8659c84895.com/ff09aae292329addddd89451830657cf.js
45.133.44.25 200 OK 15 kB URL HTTP/2 e3d5e80fdb.8659c84895.com/ff09aae292329addddd89451830657cf.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 639ed859d1c92205d12fa4839817d4a2
7dd2f29f1ba0d320b47a00ef127d4b3a79d5df66
eaa3e5b579be69b15b06c0fe04d20d32ca9d27c483582944922268b70023fd75
Analyzer Verdict Alert quad9 Sinkholed
GET /ff09aae292329addddd89451830657cf.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 17 Oct 2022 14:33:56 GMT
etag: W/"634d67d4-b2f5"
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:30:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a19657c8cd67bcddc4705d8f9c4200c5
2f236fff559e31e6790966fffb144a9728da2a82
18b8bb2220d41fa67a107a94891317223cb4b7ae0d997064ed9386a484fe49cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18B8BB2220D41FA67A107A94891317223CB4B7AE0D997064ED9386A484FE49CF"
Last-Modified: Fri, 25 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5020
Expires: Sat, 26 Nov 2022 23:48:45 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
1041598d1a.da1a0e7bb3.com/in/track?data=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
45.133.44.25 200 OK 0 B URL HTTP/2 1041598d1a.da1a0e7bb3.com/in/track?data=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
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=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 HTTP/1.1
Host: 1041598d1a.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:05 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c2bd1fa37be7a274999846e08e4f8a48
6b39f53776a8cae5ca3d1fff6a15904e4de8dd0e
3a8e4d7494b282ca1ceaaaa6a7ccb32407c8a3869f5c168ade691a145afe3936
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A8E4D7494B282CA1CEAAAA6A7CCB32407C8A3869F5C168ADE691A145AFE3936"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2780
Expires: Sat, 26 Nov 2022 23:11:25 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.24 200 OK 26 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (62084), with no line terminators
Hash 0bb27bc309245422603c0afec767116f
8815faa1c549811198a7af65d45efbdc1d0dbced
6e44005bb36287bf187c16922d721f0545de55208b0f4b233e4c673e399bf29c
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 25 Nov 2022 14:22:37 GMT
etag: W/"6380cfad-f33b"
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:30:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2ae12a57b9513de215a9401c2aff900f
a23a700812336e5f7780c7569c7187a306eda775
e8b46b26a6e3be2e6c1882bc4287b794ef6e6defc2d7a24a00d10fefef82a47d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8B46B26A6E3BE2E6C1882BC4287B794EF6E6DEFC2D7A24A00D10FEFEF82A47D"
Last-Modified: Sat, 26 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3952
Expires: Sat, 26 Nov 2022 23:30:57 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2ae12a57b9513de215a9401c2aff900f
a23a700812336e5f7780c7569c7187a306eda775
e8b46b26a6e3be2e6c1882bc4287b794ef6e6defc2d7a24a00d10fefef82a47d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8B46B26A6E3BE2E6C1882BC4287B794EF6E6DEFC2D7A24A00D10FEFEF82A47D"
Last-Modified: Sat, 26 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3952
Expires: Sat, 26 Nov 2022 23:30:57 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
e3d5e80fdb.8659c84895.com/a62aeb182151cbf0807b92d6894b4c0f/31883?version_name=b
45.133.44.25 200 OK 3.2 kB URL HTTP/2 e3d5e80fdb.8659c84895.com/a62aeb182151cbf0807b92d6894b4c0f/31883?version_name=b
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (3224), with no line terminators
Hash 97e3b5fa18cde4db23c0f60e3d42d8f7
66fa57265caf57cdcd0e29d0fb83f3f471ef5826
399220b3023f06b0890512f8061aa690d21b52d2b8ced497fa29789a288f8762
Analyzer Verdict Alert quad9 Sinkholed
GET /a62aeb182151cbf0807b92d6894b4c0f/31883?version_name=b HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:04 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 26 Nov 2022 22:30:04 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
X-Firefox-Spdy: h2
e3d5e80fdb.8659c84895.com/10a97da5a56bf3f19b5c5a93f873ab36.js
45.133.44.25 200 OK 27 kB URL HTTP/2 e3d5e80fdb.8659c84895.com/10a97da5a56bf3f19b5c5a93f873ab36.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (65464)
Hash 3853627db8978712db7773e4aad203c7
ea62fce290963a2f03be07620d741b8f207764db
fafc75ec5eb840dec3c460b8d5c8140f968906ac913e731cd89bf32beb5d443a
Analyzer Verdict Alert quad9 Sinkholed
GET /10a97da5a56bf3f19b5c5a93f873ab36.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 13 Oct 2022 09:19:10 GMT
etag: W/"6347d80e-16007"
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:30:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
e3d5e80fdb.8659c84895.com/81a904aea6b7338289ed7316c86e3727.js
45.133.44.25 200 OK 73 kB URL HTTP/2 e3d5e80fdb.8659c84895.com/81a904aea6b7338289ed7316c86e3727.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash c2b300e5f3345aa192e663c4f7265de1
c7c64fb0817e9cbf7f151094687b2fde7a548dc5
619fc2b4d96c1da2b3c04d5ebe03cfd7da53b264f5bf2d76298cc5cd872ff7dd
Analyzer Verdict Alert quad9 Sinkholed
GET /81a904aea6b7338289ed7316c86e3727.js HTTP/1.1
Host: e3d5e80fdb.8659c84895.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 22 Nov 2022 16:27:58 GMT
etag: W/"637cf88e-48777"
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:30:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=31883
157.90.84.242 200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=31883
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=31883 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22284
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 22:25:05 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://jobs.vrdgov.org
Set-Cookie: id=818434045817716530; Expires=Sun, 26 Nov 2023 22:25:05 GMT; Secure; SameSite=None
Vary: Origin
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e1c8cfc0c491ccc3657dad38d1dc20ed
f7d1b86afe07b9953d51bfcd32a087aeb8816ab7
552da63e69dd66e1772470b052cc099373ef18d06eed5a30c276c61da97c3fe7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "552DA63E69DD66E1772470B052CC099373EF18D06EED5A30C276C61DA97C3FE7"
Last-Modified: Thu, 24 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5493
Expires: Sat, 26 Nov 2022 23:56:38 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
mcpuwpsh.com/get/?go=1&data=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%3D%3D
94.130.197.134302 Found 0 B URL HTTP/2 mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImIiLCJpZCI6MjQ0Mywic3BhY2VpZCI6MjQ0MywidHlwZSI6ImludGVyc3RpdGlhbCIsInN1YmlkIjoiMzMxNTY0MDc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NTI1OTMsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwiaW50ZXJzdGl0aWFsIjp0cnVlLCJhZF90YWdzIjoiIiwicmVmZG9tYWluIjoiIiwiaXNfaWZyYW1lIjpmYWxzZSwiZ3lyIjowLCJhY2NlbCI6MH0sInBleHQiOnsiYWIiOjB9fV0sInNpdGUiOnsiaWQiOiI1MjU5MyIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cCUzQS8vam9icy52cmRnb3Yub3JnLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2Njk1MDE1MDQ5NzF9fQ%3D%3D
IP 94.130.197.134:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /get/?go=1&data=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%3D%3D HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 26 Nov 2022 22:25:05 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=8688142360884176277&pid=0&site=52593&sc=NO&usage_type=DCH&subid=331564074&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-popunder-hz-0&site_id=0&spot_id=52593&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=IAB24&min_cpm=0.00488&placement_type_id=&skin_test=&verify_hash=&score=1&durl=&ml=&tag_ab=b&original_bid=0&user_fp=0&pop_type=0&space_id=2443&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB24&ip_mismatch=false&ssp=3758&rc=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F2459%2F%3Fsource%3D331564074%26site_id%3D52593%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D52593%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26sid%3D2443%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.00488&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=1
X-Firefox-Spdy: h2
mcpuwpsh.com/popunder/in/click/?mid=8688142360884176277&pid=0&site=52593&sc=NO&usage_type=DCH&subid=331564074&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-popunder-hz-0&site_id=0&spot_id=52593&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=IAB24&min_cpm=0.00488&placement_type_id=&skin_test=&verify_hash=&score=1&durl=&ml=&tag_ab=b&original_bid=0&user_fp=0&pop_type=0&space_id=2443&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB24&ip_mismatch=false&ssp=3758&rc=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F2459%2F%3Fsource%3D331564074%26site_id%3D52593%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D52593%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26sid%3D2443%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.00488&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=1
94.130.197.134 302 Found 0 B URL HTTP/2 mcpuwpsh.com/popunder/in/click/?mid=8688142360884176277&pid=0&site=52593&sc=NO&usage_type=DCH&subid=331564074&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-popunder-hz-0&site_id=0&spot_id=52593&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=IAB24&min_cpm=0.00488&placement_type_id=&skin_test=&verify_hash=&score=1&durl=&ml=&tag_ab=b&original_bid=0&user_fp=0&pop_type=0&space_id=2443&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB24&ip_mismatch=false&ssp=3758&rc=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F2459%2F%3Fsource%3D331564074%26site_id%3D52593%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D52593%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26sid%3D2443%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.00488&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=1
IP 94.130.197.134:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /popunder/in/click/?mid=8688142360884176277&pid=0&site=52593&sc=NO&usage_type=DCH&subid=331564074&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-popunder-hz-0&site_id=0&spot_id=52593&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=IAB24&min_cpm=0.00488&placement_type_id=&skin_test=&verify_hash=&score=1&durl=&ml=&tag_ab=b&original_bid=0&user_fp=0&pop_type=0&space_id=2443&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB24&ip_mismatch=false&ssp=3758&rc=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F2459%2F%3Fsource%3D331564074%26site_id%3D52593%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D52593%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26sid%3D2443%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.00488&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=1 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jobs.vrdgov.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 26 Nov 2022 22:25:05 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://ts.cvastico.com/in/2459/?source=331564074&site_id=52593&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=52593&mo=&ve=&ad_tags=&p=http%3A%2F%2Fjobs.vrdgov.org%2F&sid=2443&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&is_iframe=1&btype=0&score=1&bf=0.00488
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash caac98387ac853331d6064f6b21b81ac
222211b510b97295f60e513744d6b9e4aa895905
28ad8b67993f05e9a6b6edbebb039bed8a197e5a87c665dd09f3183b7a438cf1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28AD8B67993F05E9A6B6EDBEBB039BED8A197E5A87C665DD09F3183B7A438CF1"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10017
Expires: Sun, 27 Nov 2022 01:12:02 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
ts.cvastico.com/in/2459/?source=331564074&site_id=52593&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=52593&mo=&ve=&ad_tags=&p=http%3A%2F%2Fjobs.vrdgov.org%2F&sid=2443&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&is_iframe=1&btype=0&score=1&bf=0.00488
109.206.175.252 302 Found 0 B URL HTTP/2 ts.cvastico.com/in/2459/?source=331564074&site_id=52593&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=52593&mo=&ve=&ad_tags=&p=http%3A%2F%2Fjobs.vrdgov.org%2F&sid=2443&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&is_iframe=1&btype=0&score=1&bf=0.00488
IP 109.206.175.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/2459/?source=331564074&site_id=52593&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=52593&mo=&ve=&ad_tags=&p=http%3A%2F%2Fjobs.vrdgov.org%2F&sid=2443&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&is_iframe=1&btype=0&score=1&bf=0.00488 HTTP/1.1
Host: ts.cvastico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jobs.vrdgov.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Sat, 26 Nov 2022 22:25:04 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.hmovs.com/?source={{mc}}
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 2459.0=1; expires=Sun, 27 Nov 2022 22:25:04 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 205d9dcb2c5947bee0e823519fbb061b
3acec24aa96bdd1fbf308fb34eacf030cbd53af7
3b1e370e0711628a519202942e1e2f26470fc51cde6cfe7aa74ab3b927ffe152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=132845
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:05 GMT
Etag: "6381f62e-116"
Expires: Mon, 28 Nov 2022 11:19:10 GMT
Last-Modified: Sat, 26 Nov 2022 11:19:10 GMT
Server: nginx
Content-Length: 278
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15929
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15929
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15929
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:25:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7e16e2-9f5f-4739-817a-8a5447d80ee4.png
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7e16e2-9f5f-4739-817a-8a5447d80ee4.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 099add42d39565e1a14ba60a61261a8d
7b0d859df11485329882daddcdd8ca85a1010e56
01a81962c06247835668581bcdd337320c62ba2121e94570f663396b6647c2b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7e16e2-9f5f-4739-817a-8a5447d80ee4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9549
x-amzn-requestid: b99fc256-bdbd-4e59-bdec-b3f453cdfaac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-50OFDDIAMFr1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c3ce7-75bc0aba74d71992450b11cb;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 03:07:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VOzEGsb5YWPA9-k63Jsb1Ejw9qoHfkH84GtbM2s7evsvv53iuh3Lug==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:55:30 GMT
age: 1775
etag: "7b0d859df11485329882daddcdd8ca85a1010e56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c52c26038ed572c870cf2119865907b1
b298107232e837ccf8d853e6d2c91f67e74dc2ba
d95471f66cf6404bfb5400c4c707fbb81bcaf4be1518313d3f513c9b2a3da1fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8335
x-amzn-requestid: 3f1c7be1-6140-4fa1-a891-4cb9428436a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcY9FARIAMFzXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4105-0b84411938fe706d2d48751c;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:37:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RqL5rR_zx78-4MFOH8ObPPDTV_qwTP0w1DHrxxPFfJSOeR5jYQsGQg==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 01:04:08 GMT
age: 76857
etag: "b298107232e837ccf8d853e6d2c91f67e74dc2ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:36:38 GMT
age: 28107
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 2571
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 10:16:33 GMT
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
age: 43712
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 116eb5028a206e55f758f3e34887c87e
10577d9fc19028a0e0303634ec16ad8b2d41fa7a
d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mcJEBmwUhmWYAGJVngi2W0YHXEVdLlSREViZLePCgIlcY7Z755i17w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:36:46 GMT
age: 28099
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hmovs.com/images/load-foto.png
104.21.40.63 200 OK 3.3 kB URL HTTP/2 www.hmovs.com/images/load-foto.png
IP 104.21.40.63:0
File type PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e1c3590f687d47307a8b501b069f639
43ec6b6914692a4df4747113ecd46b48051e51c5
eaa667b2fe8b60095686cb03820975773c9ff28c88aa61454c0dad8bc4760971
GET /images/load-foto.png HTTP/1.1
Host: www.hmovs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:05 GMT
content-type: image/png
content-length: 3307
last-modified: Mon, 20 Jun 2016 08:32:20 GMT
etag: "ceb-535b18aefad00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwv7nMk4DQ%2BrU6oVTGIksVLYODqjdniZygH8lYSA88w%2BImz7exuObaTPxyqD%2Bxdxh%2BZ2y0xxh21DiFOnP4Tz6N57nLtKG18Y0CJMtAPRlKAjhz%2F6jpfuHRbRTEiCLsWm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770609bc4b86fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hmovs.com/assets/js/main.js?v_13_07_2018
104.21.40.63 200 OK 68 kB URL HTTP/2 www.hmovs.com/assets/js/main.js?v_13_07_2018
IP 104.21.40.63:0
File type ASCII text, with very long lines (1228)
Hash 3d3edac2faffc1ffede357bf05f53649
be3bf844e0142c2f57ceba1aac6915e25d34fca2
59cce3e86c5ef2498c340d227a999ac5fd87ecc9bb0b198140698ebf3b204600
GET /assets/js/main.js?v_13_07_2018 HTTP/1.1
Host: www.hmovs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Aug 2016 12:18:53 GMT
etag: W/"1f09d-539dee2bb4540"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNElxKQDb0%2BuBBGj8JKSW66ToFDiXtzsyvDEOxTWjaPrdeBnzDPu1sRKJmmtwsXoTKYyrUbXjm8XwR93b7myPKycVFwRxciC8OjcFO3Wli7V%2BPpngqKP7EuP4vG2qddx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770609bc4b8bfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NPPSS86
142.250.74.168 200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NPPSS86
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b63175fdbb55ed790e81c9c4ab51ee81
a003a46f3c8473ba8edf0fc36c30252f7740e42a
06f23adde0b4020960a6852a450fe23de0f97120cd74933cc4e666604276f3c4
GET /gtm.js?id=GTM-NPPSS86 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 22:25:06 GMT
expires: Sat, 26 Nov 2022 22:25:06 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hmovs.com/js/vendor.js
104.21.40.63 200 OK 60 kB URL HTTP/2 www.hmovs.com/js/vendor.js
IP 104.21.40.63:0
File type Unicode text, UTF-8 text, with very long lines (32030)
Hash 836dbbb0e1f4cef27d77bbe14899bbe6
a8ce27ec9b0ea84cb46496728c3ae4c003c73655
adc648a720be0bc89656fde943e0a02454aa210110ccbbbfffe2a18b8d0a0e6e
GET /js/vendor.js HTTP/1.1
Host: www.hmovs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 11 Jul 2018 14:16:44 GMT
etag: W/"29d51-570b9e56deb00"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlQCewEoPonxsLNoENK%2F%2BZ8aOOYktVK0Oa8swQ7K8JSNEYVdRbVrvGwyCKc6mXRlSvGJ%2Boe92Elk7xytTzv2rO4WruR23FHaB6XqpIBCcBOUTP0x4PL9%2FDyt9mwIVIoX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770609bc4b89fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/tag/js/gpt.js
216.58.211.2 200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (40310)
Hash 3097863d148e6cdfee35da37197a4199
af9c3a80ff613a6a0410ab252f5e2cb06343c85d
59466fd91db19a9c60aa70b5a2b48e21638d0dc554bff4d96a34bf678e174692
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27210
date: Sat, 26 Nov 2022 22:25:06 GMT
expires: Sat, 26 Nov 2022 22:25:06 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1404 / 422 of 1000 / last-modified: 1669244741"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash ba3e59d71c824f7c1e39466d42c564ee
f36a194da72cce0b0c2b7da18459c6d81d90d725
fe74f7c5c27159b1fb142b5f3e5299393c11bd6c379a8f11c64e375a7f88ee76
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 22:25:06 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 30 Nov 2022 20:55:35 GMT
ETag: "f36a194da72cce0b0c2b7da18459c6d81d90d725"
Last-Modified: Sat, 26 Nov 2022 20:55:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1605
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770609be9d61b51b-OSL
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash ba3e59d71c824f7c1e39466d42c564ee
f36a194da72cce0b0c2b7da18459c6d81d90d725
fe74f7c5c27159b1fb142b5f3e5299393c11bd6c379a8f11c64e375a7f88ee76
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 22:25:06 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 30 Nov 2022 20:55:35 GMT
ETag: "f36a194da72cce0b0c2b7da18459c6d81d90d725"
Last-Modified: Sat, 26 Nov 2022 20:55:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1605
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770609bead81b51b-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130 200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (4885)
Hash 90ad038970fb2f93ab0737f31886bcd9
36ec2738d3081b3507eaa938b5decdb941195b9c
068f5dc8bac7ba44ef50be6a4be4b403355ce60c91221ad20057324486678349
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 22:25:06 GMT
expires: Sat, 26 Nov 2022 22:25:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3689360829409775474
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hmovs.com/assets/css/all.css?v=13_07_2018.2
104.21.40.63 200 OK 159 kB URL HTTP/2 www.hmovs.com/assets/css/all.css?v=13_07_2018.2
IP 104.21.40.63:0
File type ASCII text, with very long lines (559)
Size 159 kB (159378 bytes)
Hash 7218107d056c3b0c588f36e5d23f42b4
5ff747abf5fe7702fe564a9f97e677f4e5ae5da5
31ecf067235c742ca13110f92f62b7905c72428b61791bbbce79cd024637b8a4
GET /assets/css/all.css?v=13_07_2018.2 HTTP/1.1
Host: www.hmovs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:06 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 08 Jul 2019 15:16:13 GMT
etag: W/"26c08-58d2cecb64940"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2rOhjroAjCXrylxPiiSfezikjZzbZWdWwSrYniHq%2BJhvzrWOE1%2BPe80gGj3i2GapbyOpWMKthWeGpVqtWnKdu8Ix0%2B8%2BOVDq3CMAipXq2vk0pdM2LKivZ69wPLbAc3g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770609bc3b7efab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hmovs.com/poppy/teo7.8.8.93192967322f259845ce32161d61c494.js
104.21.40.63 200 OK 124 kB URL HTTP/2 www.hmovs.com/poppy/teo7.8.8.93192967322f259845ce32161d61c494.js
IP 104.21.40.63:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 124 kB (123634 bytes)
Hash 79c0a17b97e66f436ffc2de63759f5c2
21e809158cb54d9a03c0d552604d54b4e5c1ee09
7dd9a4cdc4800e8d45c70406ce3e1e7e44b21f95b1092aa06ad8923f0771b839
GET /poppy/teo7.8.8.93192967322f259845ce32161d61c494.js HTTP/1.1
Host: www.hmovs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 26 Nov 2022 12:01:16 GMT
etag: W/"32313-5ee5e653c2b59"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIqF0z6r63BODMhtwQAFoFSaAvGHmQqxtexNvVnuVeFpsjNU1THJgjyayyYhxw03Dp4eqcLqPPvdam%2F9NY5IB9yq6VPvdAnkAJbsQIw316Zhpcn9eQ3lgr7HTp7bDR68"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770609bc3b85fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119 200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Sat, 26 Nov 2022 22:25:06 GMT
access-control-allow-origin: *
etag: "637f41b2-11e33"
expires: Sat, 26 Nov 2022 23:25:06 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=2984242678137393303&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=70006084&sid=1116770816&cid=13369&price=0.00082083&is_cpm=0&cpm=0&ecpm=0.01820812799032112&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.5.1&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-inpage-hz-2-b&site_id=3120811&spot_id=20811&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-26&is_native=2&auction_queue=0&burl=xlRBd57LzUb3Ksin5Axs4dm-VHajjbpUvLPS_0u4_3CEZlFT5XZtuA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5320811&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.002102101002562943&placement_type_id=&skin_test=0&verify_hash=5d7f87f36710c64866ab8a810736fea3&score=86.75338693447952&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D70006084%26spot_id%3D20811%26is_adult%3D0%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.00082083&user_fp=0&v2_track=0&url=CMv96Crt4ipj_dJIUemnJVMrfmv9KinZglPWvhtywO5TazmiFh6kzADnB3-VIRxeKTL-pFhzmXMusxH693HIxA0avIoCX82LeMbY_6a4yZ1DkkBhOgilcJwZIuzCxPJ_svKWjgf3X8eGEtrGWmIhzC-FR4M6xQh8RjJz0hIXY2SFHUWAwQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0.0006206295630000001&pr=&user_keywords=&auc_type=1&aid=586&ext_cid=0&device_theme=light&keywords=&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=7a1ccff0-5cb7-412e-b4ae-9de02771ba83
157.90.84.246302 Found 0 B URL HTTP/2 cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=2984242678137393303&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=70006084&sid=1116770816&cid=13369&price=0.00082083&is_cpm=0&cpm=0&ecpm=0.01820812799032112&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.5.1&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-inpage-hz-2-b&site_id=3120811&spot_id=20811&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-26&is_native=2&auction_queue=0&burl=xlRBd57LzUb3Ksin5Axs4dm-VHajjbpUvLPS_0u4_3CEZlFT5XZtuA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5320811&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.002102101002562943&placement_type_id=&skin_test=0&verify_hash=5d7f87f36710c64866ab8a810736fea3&score=86.75338693447952&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D70006084%26spot_id%3D20811%26is_adult%3D0%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.00082083&user_fp=0&v2_track=0&url=CMv96Crt4ipj_dJIUemnJVMrfmv9KinZglPWvhtywO5TazmiFh6kzADnB3-VIRxeKTL-pFhzmXMusxH693HIxA0avIoCX82LeMbY_6a4yZ1DkkBhOgilcJwZIuzCxPJ_svKWjgf3X8eGEtrGWmIhzC-FR4M6xQh8RjJz0hIXY2SFHUWAwQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0.0006206295630000001&pr=&user_keywords=&auc_type=1&aid=586&ext_cid=0&device_theme=light&keywords=&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=7a1ccff0-5cb7-412e-b4ae-9de02771ba83
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=2984242678137393303&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=70006084&sid=1116770816&cid=13369&price=0.00082083&is_cpm=0&cpm=0&ecpm=0.01820812799032112&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.5.1&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-inpage-hz-2-b&site_id=3120811&spot_id=20811&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2022-11-26&is_native=2&auction_queue=0&burl=xlRBd57LzUb3Ksin5Axs4dm-VHajjbpUvLPS_0u4_3CEZlFT5XZtuA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5320811&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.002102101002562943&placement_type_id=&skin_test=0&verify_hash=5d7f87f36710c64866ab8a810736fea3&score=86.75338693447952&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D70006084%26spot_id%3D20811%26is_adult%3D0%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.00082083&user_fp=0&v2_track=0&url=CMv96Crt4ipj_dJIUemnJVMrfmv9KinZglPWvhtywO5TazmiFh6kzADnB3-VIRxeKTL-pFhzmXMusxH693HIxA0avIoCX82LeMbY_6a4yZ1DkkBhOgilcJwZIuzCxPJ_svKWjgf3X8eGEtrGWmIhzC-FR4M6xQh8RjJz0hIXY2SFHUWAwQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0.0006206295630000001&pr=&user_keywords=&auc_type=1&aid=586&ext_cid=0&device_theme=light&keywords=&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=7a1ccff0-5cb7-412e-b4ae-9de02771ba83 HTTP/1.1
Host: cc8ffe7ceb.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sat, 26 Nov 2022 22:25:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c36207244507e0bbc87a5cc320a68fd7
0ac505ff2027f829304411099c732039b1178cc8
ed76f66953f380a612c4495145db5e8d9b536e4d96e7f5cf6d7718e158773b16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6839
Expires: Sun, 27 Nov 2022 00:19:05 GMT
Date: Sat, 26 Nov 2022 22:25:06 GMT
Connection: keep-alive
i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp
45.133.44.37 200 OK 10 kB URL HTTP/2 i.cdnkimg.com/auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp
IP 45.133.44.37:0
ASN #39572 DataWeb Global Group B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68329d624a42af6145117bed5c9a2f03
4439b8d8b7e2dc706b5e9a417852bf16e6eb17dd
ede7a9f931abc7e53d07dbf4a82e992cfc38ebb280158f7fa4d12d00cab03bc6
GET /auto/492x328/q85/image/vk/3643/643/rect_626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:06 GMT
content-type: image/webp
content-length: 10348
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Sat, 10 Dec 2022 22:25:06 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=2984242678137393303&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=70006084&sid=1116770816&cid=13061&price=0.016750000249594454&is_cpm=0&cpm=0&ecpm=0.12594748838455594&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=8.5.1&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-inpage-hz-2-b&site_id=3120811&spot_id=20811&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1669587905&created_at=2022-11-26&is_native=1&auction_queue=0&burl=SNXUMqno_6KLsnzdVGGXiqoYLaCHoPQ4ZczlSiv0KLrdYOyrEJOw7w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3120811&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.0005387601115760111&placement_type_id=&skin_test=0&verify_hash=a126e2644096b7a994129e1a1030feef&score=86.75338693447952&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D70006084%26spot_id%3D20811%26is_adult%3D0%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.016750000249594454&user_fp=0&v2_track=0&url=p7ZEJiIDoXO55UaZGHjoY7w77ladrlbSCw-267s54nLqMjjMMBElM3uVBZGlJaGqB_uBRXhps-NLktN_uWLQKiukeXF6eXd4bTOO0TdJz9CAvqkOw6UJZl6-19mtoXPt_ArLka01WagCDtBjikB9g69biCma-cb_70TaefsdhuYluxDDuSWboK8ZGfwoEPfKKKJlrRtTK2JnHBJich3TCtAEyz2Jtaziy0dX_WZmn70iVRm_AlJHDgZmWLpZ936AM-hRLxUFP94NgmLgbMHCTlU0IxwCyaO1twOnWpG-GU0dkUAkUMZB3qH_aI9JNi2DFhHDuEKZeREtCmPXu-z4Fg5RHqZAeKkPGA1B02nHcTnNdMQeomdejG_1hNjsL1SQOFgeLwvzQaY1Tb7pqgfHkp6JeyUGvQViGopZaQsgFeQwLEFNonIEtDW00SV863z-r2Cx4mW7TjayviTr6oMDe4UkQXYt6WbqI02qXBptD4z4OLfU7ff3Fj-o7ypWLkOjyX7AgGFHiQfmLDiMviaA37JlEMoSAlgAylRmeN1f_kv5R_j8EvRv6q2laDebQQ9rdknY6T2i8iPIu8RBUeFt0FzgfIC_0Dd1xvswatrRIA2sCAP7VqGT8C1dUeTszhh0PtHJJseVtEfsfalUY4-PuxMwQKnBSK8Cq_afzXtfaSRm2Cpi5MVjEuHGHZvFxwAaKeU9Msp9LcNZkHNSvaiNVBtMJ8oginAUpnT8Mj5gQqUvbmRt3OpYbWBF57t8q1yNy6gKAFzAi6IwabVd2qDHdqAE29PodQ6GPD5YCAvVWJmeclV3v9Y9C8gbWXALZbc1oum941tsDXM2AZLirvmllkpGZNlDrQMWKX0XkT33fqKPqiGZKhHOfEPfl
tW2KV9ktbQSfCiXVAs0N1sguyvtmLZeHGckOaRoI4rJb_CTqzEzOyLTVX03ffdwB4wKJbpwye9Bf6W7gYWmoux6nToLqx2Unid7JrqKTWNf4-V_j7idlKLWt8wnuvZmR-g9j8xXBD1C-1ikNrI6oJRcdNz7Rr2pAm98sNzwDLfwUn1Y8Z8mMlGBk0h0-yPjuj9tKGo4HwCzFL5BcL3Igd741i-5pg&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=2&vertical_id=0&real_bid=0.016750000249594454&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&format=default-slide-b_r-body&cpa=e172971f-1964-49a4-8b56-8c6ce073c9db
157.90.84.246302 Found 0 B URL HTTP/2 cc8ffe7ceb.da1a0e7bb3.com/in/show/?mid=2984242678137393303&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=70006084&sid=1116770816&cid=13061&price=0.016750000249594454&is_cpm=0&cpm=0&ecpm=0.12594748838455594&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=8.5.1&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-inpage-hz-2-b&site_id=3120811&spot_id=20811&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1669587905&created_at=2022-11-26&is_native=1&auction_queue=0&burl=SNXUMqno_6KLsnzdVGGXiqoYLaCHoPQ4ZczlSiv0KLrdYOyrEJOw7w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3120811&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.0005387601115760111&placement_type_id=&skin_test=0&verify_hash=a126e2644096b7a994129e1a1030feef&score=86.75338693447952&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D70006084%26spot_id%3D20811%26is_adult%3D0%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.016750000249594454&user_fp=0&v2_track=0&url=p7ZEJiIDoXO55UaZGHjoY7w77ladrlbSCw-267s54nLqMjjMMBElM3uVBZGlJaGqB_uBRXhps-NLktN_uWLQKiukeXF6eXd4bTOO0TdJz9CAvqkOw6UJZl6-19mtoXPt_ArLka01WagCDtBjikB9g69biCma-cb_70TaefsdhuYluxDDuSWboK8ZGfwoEPfKKKJlrRtTK2JnHBJich3TCtAEyz2Jtaziy0dX_WZmn70iVRm_AlJHDgZmWLpZ936AM-hRLxUFP94NgmLgbMHCTlU0IxwCyaO1twOnWpG-GU0dkUAkUMZB3qH_aI9JNi2DFhHDuEKZeREtCmPXu-z4Fg5RHqZAeKkPGA1B02nHcTnNdMQeomdejG_1hNjsL1SQOFgeLwvzQaY1Tb7pqgfHkp6JeyUGvQViGopZaQsgFeQwLEFNonIEtDW00SV863z-r2Cx4mW7TjayviTr6oMDe4UkQXYt6WbqI02qXBptD4z4OLfU7ff3Fj-o7ypWLkOjyX7AgGFHiQfmLDiMviaA37JlEMoSAlgAylRmeN1f_kv5R_j8EvRv6q2laDebQQ9rdknY6T2i8iPIu8RBUeFt0FzgfIC_0Dd1xvswatrRIA2sCAP7VqGT8C1dUeTszhh0PtHJJseVtEfsfalUY4-PuxMwQKnBSK8Cq_afzXtfaSRm2Cpi5MVjEuHGHZvFxwAaKeU9Msp9LcNZkHNSvaiNVBtMJ8oginAUpnT8Mj5gQqUvbmRt3OpYbWBF57t8q1yNy6gKAFzAi6IwabVd2qDHdqAE29PodQ6GPD5YCAvVWJmeclV3v9Y9C8gbWXALZbc1oum941tsDXM2AZLirvm
llkpGZNlDrQMWKX0XkT33fqKPqiGZKhHOfEPfltW2KV9ktbQSfCiXVAs0N1sguyvtmLZeHGckOaRoI4rJb_CTqzEzOyLTVX03ffdwB4wKJbpwye9Bf6W7gYWmoux6nToLqx2Unid7JrqKTWNf4-V_j7idlKLWt8wnuvZmR-g9j8xXBD1C-1ikNrI6oJRcdNz7Rr2pAm98sNzwDLfwUn1Y8Z8mMlGBk0h0-yPjuj9tKGo4HwCzFL5BcL3Igd741i-5pg&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=2&vertical_id=0&real_bid=0.016750000249594454&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&format=default-slide-b_r-body&cpa=e172971f-1964-49a4-8b56-8c6ce073c9db
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=2984242678137393303&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=70006084&sid=1116770816&cid=13061&price=0.016750000249594454&is_cpm=0&cpm=0&ecpm=0.12594748838455594&crid=5713643&crtid=1c81c2cc33a9d6c8cd6172aeefa0077e&tcid=0&out_id=0&ver=8.5.1&ver_c=&refdom=jobs.vrdgov.org&hostname=auc-inpage-hz-2-b&site_id=3120811&spot_id=20811&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1669587905&created_at=2022-11-26&is_native=1&auction_queue=0&burl=SNXUMqno_6KLsnzdVGGXiqoYLaCHoPQ4ZczlSiv0KLrdYOyrEJOw7w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3120811&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.0005387601115760111&placement_type_id=&skin_test=0&verify_hash=a126e2644096b7a994129e1a1030feef&score=86.75338693447952&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D70006084%26spot_id%3D20811%26is_adult%3D0%26p%3Dhttp%253A%252F%252Fjobs.vrdgov.org%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=b&original_bid=0.016750000249594454&user_fp=0&v2_track=0&url=p7ZEJiIDoXO55UaZGHjoY7w77ladrlbSCw-267s54nLqMjjMMBElM3uVBZGlJaGqB_uBRXhps-NLktN_uWLQKiukeXF6eXd4bTOO0TdJz9CAvqkOw6UJZl6-19mtoXPt_ArLka01WagCDtBjikB9g69biCma-cb_70TaefsdhuYluxDDuSWboK8ZGfwoEPfKKKJlrRtTK2JnHBJich3TCtAEyz2Jtaziy0dX_WZmn70iVRm_AlJHDgZmWLpZ936AM-hRLxUFP94NgmLgbMHCTlU0IxwCyaO1twOnWpG-GU0dkUAkUMZB3qH_aI9JNi2DFhHDuEKZeREtCmPXu-z4Fg5RHqZAeKkPGA1B02nHcTnNdMQeomdejG_1hNjsL1SQOFgeLwvzQaY1Tb7pqgfHkp6JeyUGvQViGopZaQsgFeQwLEFNonIEtDW00SV863z-r2Cx4mW7TjayviTr6oMDe4UkQXYt6WbqI02qXBptD4z4OLfU7ff3Fj-o7ypWLkOjyX7AgGFHiQfmLDiMviaA37JlEMoSAlgAylRmeN1f_kv5R_j8EvRv6q2laDebQQ9rdknY6T2i8iPIu8RBUeFt0FzgfIC_0Dd1xvswatrRIA2sCAP7VqGT8C1dUeTszhh0PtHJJseVtEfsfalUY4-PuxMwQKnBSK8Cq_afzXtfaSRm2Cpi5MVjEuHGHZvFxwAaKeU9Msp9LcNZkHNSvaiNVBtMJ8oginAUpnT8Mj5gQqUvbmRt3OpYbWBF57t8q1yNy6gKAFzAi6IwabVd2qDHdqAE29PodQ6GPD5YCAvVWJmeclV3v9Y9C8gbWXALZbc1oum941tsDXM2AZLirvmllkpGZNlDrQMWKX0XkT33fqKPqiGZKhHOfEPfltW2KV9ktbQSfCiXVAs0N1
sguyvtmLZeHGckOaRoI4rJb_CTqzEzOyLTVX03ffdwB4wKJbpwye9Bf6W7gYWmoux6nToLqx2Unid7JrqKTWNf4-V_j7idlKLWt8wnuvZmR-g9j8xXBD1C-1ikNrI6oJRcdNz7Rr2pAm98sNzwDLfwUn1Y8Z8mMlGBk0h0-yPjuj9tKGo4HwCzFL5BcL3Igd741i-5pg&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F3643%2F643%2Frect_626aadf074621t1651158512r522.png.webp&skin_id=2&vertical_id=0&real_bid=0.016750000249594454&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&format=default-slide-b_r-body&cpa=e172971f-1964-49a4-8b56-8c6ce073c9db HTTP/1.1
Host: cc8ffe7ceb.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sat, 26 Nov 2022 22:25:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s.viichxt.com/n/1154/pniesyteaf6fsa3dp57fazsim5sau6c2ajrhu6cynbggyyi4rr5tqxrkf5kwggjsmugvw3qhmf7hqv3ejnglluc2jgo2lcn6tcxypk5nhf4w2csgd7ewqcaqgts75zf4r6m4pfvlkeijl5vs2vxufvu3uo5vkabk3a4rsyozrojus6kojfkfeohj6cv464add4uxqvcshbewtqtjz5fgbwdzl3bdtsgshlte5nxdotafldbtrfuntc4tjgwfc37dqmajy2bzqfwhbbcrwwmj4bfbnawkwts422aub7cta74wqmpojyrlculsrrjyvfgdtjk26swtrxjpyuoqjbumav2mdyzbj4kwemcuhpure2vhj4ksph7faoy4hj3omtmvzgijoumqhjqwamswj7v7rspbnnbwv4lxj67wtws6mbwgyrtzdlisyk5gnxyg6kkuki4es2jsuzyigyzvvjlffyclnpjfjs6av3ix7jcqhxbwuotcpb7fgzi6gu2kqstksjktdy3ckhefowuajks552kornrjvfhlkpeevnf46huuty2upfk4epgenovfetxlmwi5zxwoh3qw2m7gjpsjffunvxpiks6rg2eopc4okwrfawajpbmaiylypnmwctxuk44q====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 26 Nov 2022 22:25:06 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Sat, 26 Nov 2022 23:25:06 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
78.47.199.206 200 OK 790 B URL HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
IP 78.47.199.206:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65156a660e465299370ebd90d84aa461
12ff60b17f579a77e42a8be7b6b1892fc71be33d
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 26 Nov 2022 22:25:06 GMT
content-type: image/webp
content-length: 790
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
etag: "5fbd16bb-316"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec1ccde7cdc1d548ca93af575447ef12
2d75aa04250fb725bd309b398bdaffb34ebdeb52
8f45af56d2028243095a221bff281a3fabe78ce604d45fe2989d557104ee2ce2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F45AF56D2028243095A221BFF281A3FABE78CE604D45FE2989D557104EE2CE2"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12612
Expires: Sun, 27 Nov 2022 01:55:18 GMT
Date: Sat, 26 Nov 2022 22:25:06 GMT
Connection: keep-alive
s.viichxt.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==?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
31.220.27.134302 Found 0 B URL HTTP/2 s.viichxt.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==?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET 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==?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F3643%2F643%2F626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: s.viichxt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Sat, 26 Nov 2022 22:25:06 GMT
content-length: 0
location: https://i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
X-Firefox-Spdy: h2
i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
45.133.44.37 200 OK 7.7 kB URL HTTP/2 i.cdnkimg.com/auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp
IP 45.133.44.37:0
ASN #39572 DataWeb Global Group B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 311dea4d14f115d233335c6e836384b4
8b92a31d5f07440ea67469f1b2827fe1bde271e4
8136f9d883af8abb2895a1c5946063fc41ed4b3a7f7226ffe2f49e49a3d0c961
GET /auto/192/q85/image/vk/3643/643/626aadf074621t1651158512r522.png.webp HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:06 GMT
content-type: image/webp
content-length: 7712
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Sat, 10 Dec 2022 22:25:06 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/watch/39368365/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A22833295699%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A559530493%3Au%3A1669501509118511351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/39368365/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A22833295699%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A559530493%3Au%3A1669501509118511351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 6e94195d77d56859f2a2ac1c8da00c42
748bbc0cf75a9345160f74404ac527c719d164e0
33eefdfacc3d7f2aa9ecc413eade4bf91e3f9cda83508e7a96cbdeba9ed7263d
GET /watch/39368365/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A22833295699%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A559530493%3Au%3A1669501509118511351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sat, 26 Nov 2022 22:25:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 22:25:09 GMT
last-modified: Sat, 26-Nov-2022 22:25:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A657231833174%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A643318201%3Au%3A1669501509394830668%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A657231833174%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A643318201%3Au%3A1669501509394830668%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash c5534027fa43d68a8edc81f8ffa4441c
0129fb5729ed0ce090efdb0b8d2ec71772cf3223
05d3f5a8c21b54791f9d05b4633f005ca0d15935306b60fe421f35fd78cb8b03
GET /watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A657231833174%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A643318201%3Au%3A1669501509394830668%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sat, 26 Nov 2022 22:25:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 22:25:09 GMT
last-modified: Sat, 26-Nov-2022 22:25:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.hmovs.com/zetvuofjrll/jmwmresiua.js
104.21.40.63 200 OK 0 B URL HTTP/2 www.hmovs.com/zetvuofjrll/jmwmresiua.js
IP 104.21.40.63:0
GET /zetvuofjrll/jmwmresiua.js HTTP/1.1
Host: www.hmovs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hmovs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 04 May 2022 09:21:31 GMT
etag: W/"25e05-5de2c269cb378"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqsdbJJzzvKW5gF0zXJ3QNkiijNQvDmQXSkNrrQobGgWxaSc6rEscOxzGv%2FfQwjnVhRk1xhiibCgK19xc%2BZZs7Y3DwGLkxnRjvB78R%2FBw5Oz%2F%2BrOMG8MTd7BiHllza1W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770609bc3b7ffab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/39368365?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A22833295699%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A559530493%3Au%3A1669501509118511351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/39368365?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A22833295699%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A559530493%3Au%3A1669501509118511351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2)
IP 77.88.21.119:0
GET /watch/39368365?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A22833295699%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A559530493%3Au%3A1669501509118511351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/39368365/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A22833295699%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A559530493%3Au%3A1669501509118511351%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
date: Sat, 26 Nov 2022 22:25:09 GMT
access-control-allow-origin: null
set-cookie: yandexuid=4897931711669501509; Expires=Sun, 26-Nov-2023 22:25:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4897931711669501509; Expires=Sun, 26-Nov-2023 22:25:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2134608471669501509; Path=/; SameSite=None; Secure
i=vBKkJQLtGqfr0WynvhspDK3UPoHUtvh9wSyjg8TshXO5e6NlvCdejOwzo1h1jLcV0eXVY5RbsAREOg/o2v8shQq1UFg=; Expires=Tue, 23-Nov-2032 22:24:46 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701037509.yc.1669501509#1701037509.yrts.1669501509#1701037509.yrtsi.1669501509; Expires=Sun, 26-Nov-2023 22:25:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 22:25:09 GMT
last-modified: Sat, 26-Nov-2022 22:25:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.hmovs.com/?source={{mc}}
104.21.40.63 200 OK 0 B URL HTTP/2 www.hmovs.com/?source={{mc}}
IP 104.21.40.63:0
GET /?source={{mc}} HTTP/1.1
Host: www.hmovs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jobs.vrdgov.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=glv6ms1meuq8esbtkgubdp5nd7; path=/; domain=.hmovs.com
kt_referer=http%3A%2F%2Fjobs.vrdgov.org%2F; expires=Sun, 27-Nov-2022 22:25:34 GMT; Max-Age=86400; path=/; domain=.hmovs.com
kt_qparams=source%3D%7B%7Bmc%7D%7D; expires=Sun, 27-Nov-2022 22:25:34 GMT; Max-Age=86400; path=/; domain=.hmovs.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4SsKO4pGv3FTpJ47XfS4AOd9WWVXyoVsDhM8XuefuL27mOeOVgusLGCWE6S3cWCMc5jQgVIclOhIebBjOKyhkeR8dzzp23EYIRSI2mqmvxV2VenZWcCtBMTO7K7LUCU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770609bb0abafab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49315045?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A657231833174%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A643318201%3Au%3A1669501509394830668%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/49315045?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A657231833174%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A643318201%3Au%3A1669501509394830668%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2)
IP 77.88.21.119:0
GET /watch/49315045?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A657231833174%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A643318201%3Au%3A1669501509394830668%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49315045/1?wmode=7&page-url=https%3A%2F%2Fwww.hmovs.com%2F%3Fsource%3D%7B%7Bmc%7D%7D&page-ref=http%3A%2F%2Fjobs.vrdgov.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A657231833174%3Ahid%3A1030380948%3Az%3A0%3Ai%3A20221126222509%3Aet%3A1669501509%3Arn%3A643318201%3Au%3A1669501509394830668%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C514%2C0%2C%2C243%2C5%2C1500%2C1500%2C0%2C1101%3Ans%3A1669501504972%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669501509%3At%3AHMovs.com%20-%20Funny%20movies%20tube%20%7C%20HMovs.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
date: Sat, 26 Nov 2022 22:25:09 GMT
access-control-allow-origin: null
set-cookie: yandexuid=3928593621669501509; Expires=Sun, 26-Nov-2023 22:25:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3928593621669501509; Expires=Sun, 26-Nov-2023 22:25:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=212201811669501509; Path=/; SameSite=None; Secure
i=AY8VdpcciE5Vg/Ueybt95Wy5BFdqkcS92lArLCBFGLub8EagB8jq+JBU+EXQ7TfxVH9hYnddZDEJnGTQpkptLVWdgRE=; Expires=Tue, 23-Nov-2032 22:25:09 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701037509.yc.1669501509#1701037509.yrts.1669501509#1701037509.yrtsi.1669501509; Expires=Sun, 26-Nov-2023 22:25:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 22:25:09 GMT
last-modified: Sat, 26-Nov-2022 22:25:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
js.capndr.com/interstitial-admanager/build.m.js
45.133.44.25 200 OK 0 B URL HTTP/2 js.capndr.com/interstitial-admanager/build.m.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /interstitial-admanager/build.m.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:25:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 08 Sep 2022 13:27:10 GMT
etag: W/"6319edae-5174"
content-encoding: gzip
expires: Sat, 26 Nov 2022 22:30:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cc8ffe7ceb.da1a0e7bb3.com/in/multy
157.90.84.246 200 OK 0 B URL HTTP/2 cc8ffe7ceb.da1a0e7bb3.com/in/multy
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: cc8ffe7ceb.da1a0e7bb3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 760
Origin: http://jobs.vrdgov.org
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 26 Nov 2022 22:25:06 GMT
content-type: application/json
content-length: 18651
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jobs.vrdgov.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 22:25:03 GMT
date: Sat, 26 Nov 2022 22:25:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2