firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 14:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NvkSC19PRfZXnhMCjmMk1a12kR7sdX00LB-661ZUxGB1xMDy7rC6hA==
Age: 3447
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6816
Expires: Tue, 13 Sep 2022 16:59:49 GMT
Date: Tue, 13 Sep 2022 15:06:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eum02w-fYKsMSlyav-D-tl2c-kr7ekXRQRYINL5Wr3-vRtQqRadJRw==
age: 37859
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:06:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 15:03:22 GMT
Expires: Tue, 13 Sep 2022 15:13:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H5WUqk6uqWJo3vRTtiwVBD6la-DDIuHlLH1XKAT3u2mgA3qX5lEuPw==
Age: 171
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:14 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:34 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/
162.241.194.161302 Moved Temporarily 0 B URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/Text/tab/dab/conect/ HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
location: 9f960
X-Server-Cache: true
X-Proxy-Cache: MISS
Set-Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf; path=/
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960
162.241.194.161301 Moved Permanently 277 B URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3d00be74f584f40093cef2d85635cdbb
4c08e5e73e9e37670c9d197304125cfa26e10efe
21281c61e9cee824edf6fe0a6140ba71fff05477cb3344a6187ede0f5675ea1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960 HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 277
Location: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
X-Server-Cache: false
push.services.mozilla.com/
54.148.148.62101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.148.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o25Wm0iQl+K5TVl+msmAuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0oiRtFnzxoBkN5J/7PRbJLv7dHg=
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
162.241.194.161200 OK 6.0 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1414)
Hash 80bbbf18c9d65c1dd33ba848dd2fd444
2c91da5607d6994d3f26fb8e9c8c80edceb59343
9e386243bfe542303f26ce9c6c5868bf24ac768fa6aea1c9aa5a31cad94aef65
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/ HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 5958
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css
162.241.194.161200 OK 3.4 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Non-ISO extended-ASCII text, with CRLF line terminators
Hash a7661ca868fe8c999b15ffbd54cb635d
d34237baadf29da1cceeaabc49fe109cb9902891
5a226b7dc795c3522e6855f035c79ffbd319f6276bc4d12ae3d371dda0f578d9
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3376
Content-Type: text/css
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js
162.241.194.161200 OK 1.6 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (6524), with no line terminators
Hash bb15daa91b7e5f11a3b944dedcc6734a
bff255d6fead3554757aa1f8fdbdf18fd8513438
b0f240e991fe56107237163ae0b0cd35cdab9fea0402aa7bb63f746a90c03069
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1621
Content-Type: application/javascript
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SCS1902010.css
162.241.194.161200 OK 359 B URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SCS1902010.css
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d538201958198fe84fb6d2d55c1b2480
6bbf9868f8a51827c28ab4f92091907482ca1902
fc3d41b67faa8d468d6a87ebcb951c5700853ef40b910223c5116414b12c5dfc
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SCS1902010.css HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 359
Content-Type: text/css
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SResonaCommon.js
162.241.194.161200 OK 1.2 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SResonaCommon.js
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with CRLF line terminators
Hash 43cdde14be966ea647f2dc7bb13db3b2
b8634b08747f3615383eb2d91dc634eea3b70cc1
152467e192c5e90b75c0ac7a155d070196cd67f1e5bef29ba6451b1adbf7c65e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SResonaCommon.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1243
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js
162.241.194.161200 OK 24 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1325)
Hash adde81c29c1bb71ef85a28e0cf1cacb8
274fac6b33ff074afaa20cd6f27932c7e2b46a26
00ed53021065f463df09ac7dbeb5982665ad5111eab046634483c1bf4a765803
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/bullet_arrow_top.png
162.241.194.161200 OK 170 B URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/bullet_arrow_top.png
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ef2d9ad1765b6134febc2d696ce0976
3a5eb23ea8d32c103ccf951837b2ac2f5f61fb9c
9a5c1c7d2aa5626a759eecc3402cae440dd07cb971142d51bbc5adb743923896
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/bullet_arrow_top.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 170
Content-Type: image/png
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/icon_comment.png
162.241.194.161200 OK 1.7 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/icon_comment.png
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 23 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash 7eebe59a91352e88ddc8bdeb33351192
5d20632f19f4fbe1e35b3db32735bca97dda7e8b
0923b154b710ec5c80a8477ab7617e0620ac9da66937bf9e8e2780fe0556860b
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/icon_comment.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 1749
Content-Type: image/png
www.googletagmanager.com/gtm.js?id=GTM-5FQFWZZ
142.250.74.72200 OK 104 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5FQFWZZ
IP 142.250.74.72:0
File type Unicode text, UTF-8 text, with very long lines (49400)
Size 104 kB (103848 bytes)
Hash 128f55a14b13ab17b8cc77ee1abfa445
c59bbc24fab5a135dbe351838a6337efb591495c
6f77fb32ead0fe09494f79e24c9a3d930ff4a13cbab4e4f39035331940cf56f7
GET /gtm.js?id=GTM-5FQFWZZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 15:06:15 GMT
expires: Tue, 13 Sep 2022 15:06:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 5d7fbe704ff0819b57464e2f70366c5a
daf724276821ad91fa4e9f7e8242fbdfcd8cfe99
01428488b3f9be8793f27c2b2ad8fb751b107508aee0280455af14ee51111386
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:06:15 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:48 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: injnPNefL4a_zQv03LWKl7juOQq85jswsUFsD2GyD_B9MQ0eW1W7Yw==
Age: 747
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clickforcontent.com/IB/Images/SmartPhone/SP1.png
162.241.194.161404 Not Found 462 B URL HTTP/1.1 www.clickforcontent.com/IB/Images/SmartPhone/SP1.png
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648
GET /IB/Images/SmartPhone/SP1.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Sun, 28 Feb 2021 00:56:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 462
Content-Type: text/html
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/logo.png
162.241.194.161200 OK 4.2 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/logo.png
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 126 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash f534e361b03a9a1384140e1293fce6cc
da2cf6df7d628da88e5ca88ed4a87017f0cb6a11
2930fe159b32a9dd59017b729e11979f74eabfec285c1657391146ecf3663d70
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/logo.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 4179
Content-Type: image/png
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm
162.241.194.161200 OK 167 B URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9fa32a0ec02cf0d013bc46c803112737
a0c784832cc7b4b92a7296260b77e99415401bde
8f623e90adae05768787b4e9bff1fd103a77b65e7a8a79a5aebda0a8a83ae1fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: nginx/1.21.6
Content-Type: text/html
Content-Length: 167
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/gtm.js
162.241.194.161200 OK 155 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/gtm.js
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (49400)
Size 155 kB (154791 bytes)
Hash 4f195982c115807c3c227da1dbe63e7d
44fd2419a4f5b7c37eefdb246dafd306c722cf7e
9af5e9582ff8a7aa44a63d78e702c4616e28aa18d087ff917b7effd67ccde04f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/gtm.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/ci.gif
162.241.194.161200 OK 2.9 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/ci.gif
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 122 x 33\012- data
Hash ac3d42802042a690adf5328a0cc8e239
7616199e2d188a271d6e4cd13ea4e37db7febc42
7be78c98a5f6c37f9eb313cfc3c07b1c525807b1c0ac350e3b639413d63e0daa
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/ci.gif HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 2872
Content-Type: image/gif
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8708
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:06:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8708
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:06:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8708
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:06:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 37005
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 61468
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 62637
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 62635
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gUhO_jZ9W_10cAK-2lOVSmQ9r1DIZvNDaqpJs5oc6lt85qAkWbBcXg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:48:14 GMT
age: 62281
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae7d16fad4da4300a1953a916fb59688
488c58f73c81bb4d45e496c458fe3197a0884c26
4d4946932d53caad6e97bcc66527bd9cad658c0cf6f4215d01943b8a9e832959
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7720
x-amzn-requestid: 7670a969-cb9c-4583-8455-10f7512ee9c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YT9YJG__oAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e429a-674ef5a4727826ab0d60529e;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 20:18:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OOCryyfLht-3ebVn-5aWtQI_JnVkWxMGggv07cUoomDlgb5ogru7vg==
via: 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:55 GMT
age: 61460
etag: "488c58f73c81bb4d45e496c458fe3197a0884c26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js
162.241.194.161200 OK 222 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20993)
Size 222 kB (222304 bytes)
Hash aa7b78f951f0a6bd2bfab7c7f5584d4e
0fd40025081ea03fc7bef5e5a04453ee358edd9a
489b80f26bdc7cb6f57e4d34cc5ece491943c1481e5fd2f65a7f67035f2bfddc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Length: 222304
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
X-Server-Cache: false
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js
162.241.194.161200 OK 41 kB URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (497), with CRLF, LF line terminators
Hash 3f23bb07d256fb0251ae8951317d72bd
fef5125eb8b6bd803578ae171f1325576bee0001
68e6d6d6e600612b0e30066bf22fb12fb62841e1e398de44acef541ad3b294bb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf; _gcl_au=1.1.365610885.1663081562
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f1642580b2cb55b10e45c9b8f504223b
631e64028c951d1ba9f1cf8711b90e464244a991
d6d3260749f7881525b09541fcdc4c8e30f942a8ed38670303c648892dd6c8e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5711
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:15 GMT
Last-Modified: Tue, 13 Sep 2022 13:31:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
path.to/provider/?xdm_e=http%3A%2F%2Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1
3.227.93.35302 Found 354 B URL HTTP/1.1 path.to/provider/?xdm_e=http%3A%2F%2Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1
IP 3.227.93.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1510707b8009fb719432b85d866e6811
b11d4fd28c44fbe1b4dcc3d622f39b1c92bad6fd
f4e1411e9bc7350b3ac5a6dc90ab97d7f0b966878feac91f3e86928c00122628
GET /provider/?xdm_e=http%3A%2F%2Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1 HTTP/1.1
Host: path.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 354
Connection: keep-alive
Server: Apache/2.2.34 (Amazon)
Location: http://path.to?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1
path.to/?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1
3.227.93.35200 OK 4.0 kB URL HTTP/1.1 path.to/?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1
IP 3.227.93.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 499c5a496b5d061bc82fa22e8fc33269
683a6231fe2cbf28073b279ea52fdba83cbecf44
0bd7bfdd3777435c8e3448c6617ecc62d97e957f5bf9dc211605790d08517ff9
GET /?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1 HTTP/1.1
Host: path.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.clickforcontent.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4037
Connection: keep-alive
Server: Apache/2.2.34 (Amazon)
X-Powered-By: PHP/5.3.29
netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js
104.18.11.207200 OK 8.3 kB URL HTTP/1.1 netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (27605)
Hash 50515345c44ca28863efddf0e1a42947
e8cbc9092fad0e01b4063ffe0bb5630f018c3617
fa816963eed7dd26ea02b634adeac8a7ecc698a959a9e85fee0c29ebc3bb1244
GET /bootstrap/3.0.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://path.to/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: SE
CDN-EdgeStorageId: 601, 617, 617
Last-Modified: Mon, 25 Jan 2021 22:03:55 GMT
CDN-CachedAt: 2021-04-22 22:34:54
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
Cache-Control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
CDN-RequestId: ba30007c64a1c052c1a81ad19491d293
Content-Encoding: gzip
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 11191784
Server: cloudflare
CF-RAY: 74a1c92b8fd9b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/tracker.js
162.241.194.161200 OK 0 B URL HTTP/1.1 www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/tracker.js
IP 162.241.194.161:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/tracker.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 08:19:08 GMT
expires: Tue, 12 Sep 2023 08:19:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 110828
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 75ba5dfff6c5ac83de13846f0d700980
927065e77f5ee18a7551522e6705089c023e9557
0ff3c66e31de5d00a8fa835c961e1c28bf46f95d8ce56bcd0002cd37df88f56e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Server: ECS (amb/6B8E)
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0b844ee1d885bfba8e57ee6cae2fe795
269941b0e4b5cc61a384f7d1ca8efc6b8c6f1ea9
fb59630f0ab631a4b899eb4cdfbf6f03c60278d5e65f1ccb6ef8f79cb22b9623
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120239
Date: Tue, 13 Sep 2022 15:06:16 GMT
Etag: "631fbe51-1d7"
Expires: Thu, 15 Sep 2022 00:30:15 GMT
Last-Modified: Mon, 12 Sep 2022 23:18:41 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8T7IvdBt0plCJxAQ0foAZReNbn3zybhNAhybhUzOIw8ygf-CZ8Wcwg==
Age: 4294
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0b844ee1d885bfba8e57ee6cae2fe795
269941b0e4b5cc61a384f7d1ca8efc6b8c6f1ea9
fb59630f0ab631a4b899eb4cdfbf6f03c60278d5e65f1ccb6ef8f79cb22b9623
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:06:16 GMT
Last-Modified: Tue, 13 Sep 2022 13:27:43 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3EmMsl0uDTOT8NQQgmbv2VYrkERVLxE0yaGV6bEg5mkbVuvmmh0w9w==
Age: 5913
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0b844ee1d885bfba8e57ee6cae2fe795
269941b0e4b5cc61a384f7d1ca8efc6b8c6f1ea9
fb59630f0ab631a4b899eb4cdfbf6f03c60278d5e65f1ccb6ef8f79cb22b9623
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:06:16 GMT
Last-Modified: Tue, 13 Sep 2022 14:57:22 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XsCSDq4d66vax_QPaXNNPGWVS6oAmzghETtrYlJIqNUSSb3HUb8C7Q==
Age: 534
park.io/css/park.css
34.224.175.55200 OK 11 kB IP 34.224.175.55:0
Hash 1a4e263942e0a159174a4f3779b7713d
404f619b24981bd707698f44c8cf18dc85d960d5
fe28fa0c14b3d2cbf6744fca6a9b4625724dc7d0a97e5a6de78df4b3ba6aa12f
GET /css/park.css HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:16 GMT
content-type: text/css
content-length: 10619
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 10 Aug 2022 19:38:50 GMT
etag: "60f14-297b-5e5e832ca6bc4"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 75ba5dfff6c5ac83de13846f0d700980
927065e77f5ee18a7551522e6705089c023e9557
0ff3c66e31de5d00a8fa835c961e1c28bf46f95d8ce56bcd0002cd37df88f56e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Server: ECS (amb/6B9F)
Content-Length: 471
www.resonacard.co.jp/favicon.ico
14.0.41.231200 OK 318 B URL HTTP/1.1 www.resonacard.co.jp/favicon.ico
IP 14.0.41.231:0
ASN #54994 QUANTILNETWORKS
File type MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Hash 15cb18c4b4ba3e32f5a229d328f47911
f96ef91718ab997015fe5d7772ed80c285a405a3
72dee9206d303ed0273e3a1cd587deaf223f4d8e37e4ab438601d813a534872d
GET /favicon.ico HTTP/1.1
Host: www.resonacard.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: image/x-icon
Content-Length: 318
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 13 Sep 2017 03:40:49 GMT
ETag: "13e-55909ecfaf240"
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
Age: 218
Via: 1.1 bd134:5 (W), 1.1 PSrbdbOSA1gs91:22 (W)
X-Px: ht PSrbdbOSA1gs91KIX
X-Ws-Request-Id: 63209c68_PSrbdbOSA1ap90_38201-31153
Server: PWS/8.3.1.0.8
Cache-Control: max-age=600
park.io/js/bootstrap.min.js
34.224.175.55200 OK 28 kB URL HTTP/2 park.io/js/bootstrap.min.js
IP 34.224.175.55:0
File type ASCII text, with very long lines (27605)
Hash 9e25e8e29ef0ea358e9778082ffd97d8
75a42212affc118fef849aba4b9326a7da2acda1
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
GET /js/bootstrap.min.js HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:16 GMT
content-type: text/javascript
content-length: 27726
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 02 Aug 2017 17:45:42 GMT
etag: "60f4d-6c4e-555c8d539a81c"
accept-ranges: bytes
X-Firefox-Spdy: h2
park.io/css/bootstrap-park.css
34.224.175.55200 OK 105 kB URL HTTP/2 park.io/css/bootstrap-park.css
IP 34.224.175.55:0
File type assembler source, ASCII text
Size 105 kB (104820 bytes)
Hash 1f3bd1c5be02fa9c6c627b4d52866c41
0a6056eb2caeda0f51847078a0929cab669c5286
04a170b9976a4c2b5518f51c7a9badeb70089bdc78ef9cc18ac80d8b7e2f92d4
GET /css/bootstrap-park.css HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:16 GMT
content-type: text/css
content-length: 104820
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 02 Aug 2017 17:45:42 GMT
etag: "60ee7-19974-555c8d53959fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
park.io/images/body-bg.png
34.224.175.55200 OK 118 kB URL HTTP/2 park.io/images/body-bg.png
IP 34.224.175.55:0
File type PNG image data, 3384 x 2233, 8-bit/color RGBA, non-interlaced\012- data
Size 118 kB (117590 bytes)
Hash a3baa7d2b3cabd978c5bda18d801c7a6
c7da5a1bdf29a5f84effb1d13b83fce1d7458de6
41bdfe36294129b956f194e5412dab8549728ef699e4e6bc4deb235f5cf2d3a9
GET /images/body-bg.png HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://park.io/css/park.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:17 GMT
content-type: image/png
content-length: 117590
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 02 Aug 2017 17:45:42 GMT
etag: "60f19-1cb56-555c8d539987c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://path.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 23716
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://path.to/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20006
Date: Tue, 13 Sep 2022 14:20:38 GMT
Expires: Tue, 13 Sep 2022 16:20:38 GMT
Cache-Control: public, max-age=7200
Age: 2739
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb.resonabank.co.jp/IB/Images/SmartPhone/home.png
95.101.10.177200 OK 3.5 kB URL HTTP/2 sb.resonabank.co.jp/IB/Images/SmartPhone/home.png
IP 95.101.10.177:0
ASN #20940 Akamai International B.V.
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 288cc2518e6e5f07d6094ef29aebb119
14ab61f4240d82499a3807f6477b10274349d3f4
ef77512d33280ababb1456865c24cd504f2a05d22eb27e2c4aea7f0bad58cd4e
GET /IB/Images/SmartPhone/home.png HTTP/1.1
Host: sb.resonabank.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 20 Dec 2011 08:30:00 GMT
accept-ranges: bytes
etag: "0f4b90f1becc1:0"
content-length: 3453
date: Tue, 13 Sep 2022 15:06:17 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700,800
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700,800
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 15:06:16 GMT
date: Tue, 13 Sep 2022 15:06:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.karte.io/libs/tracker.js
143.204.55.104200 OK 0 B URL HTTP/2 static.karte.io/libs/tracker.js
IP 143.204.55.104:0
GET /libs/tracker.js HTTP/1.1
Host: static.karte.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 04:23:36 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 13 Sep 2022 15:03:24 GMT
cache-control: max-age=300
etag: W/"fc69b59d6a74cacc75e414b21d0c341b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pJKP3sZffmGwskZDr-7jJ2ndM6Ov59E-aV2EKtFgz9y8RU7J6TxCtA==
age: 192
X-Firefox-Spdy: h2