www.packdoor.sa.com/rmrwkinuq/nbocr874282bcat/JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
104.21.50.76200 OK 538 B URL HTTP/1.1 www.packdoor.sa.com/rmrwkinuq/nbocr874282bcat/JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
IP 104.21.50.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ed1fe8d7e7e4c2939e5c3f1afc3806b1
7cbe41a521002236812341fd7d3813dd78a7352b
f212ecea68ca70a5da3d1970cbf5545bbce8ee17d52412352d1a4947908b7c0d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /rmrwkinuq/nbocr874282bcat/JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDFbOXHtetdP4tBnz%2F72Ark8CYG%2BTOfobyGMHwgG1Hjxf4hzQ8veUdvbs0abcNQuVyN5c9BYb4M9vY1c7sY71D5ybtL9gjlPHTVu6oMdbDNuF8cj0w5iPkIFGBjL%2FDQD50V%2B7Vhi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749a1b220f58b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 16:05:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iMrrwkSTI8YtSjXG-BbdJ5DBUypCrBgHYyZulnTB7MQ1GOp39Dfl8g==
Age: 2318
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9689
Expires: Mon, 12 Sep 2022 19:25:36 GMT
Date: Mon, 12 Sep 2022 16:44:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _JevZZywP-6YMtTAEn8ePe_PxNiZB95YPKfupdoRgLxWryypxxlRrw==
age: 34015
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 16:44:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 3a3764775b4a88febea4af3281dd798b
2f0f0b0e33c11aabe138b56d6188df6ea4ef1574
bab3583264e1ce840677ea83ef32ee47d56d593b8f5f25c63aa95e5d9d56cc00
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 16:44:07 GMT
expires: Mon, 12 Sep 2022 16:44:07 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 16:07:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.packdoor.sa.com/jquery-1.11.0.min.js
104.21.50.76200 OK 33 kB URL HTTP/1.1 www.packdoor.sa.com/jquery-1.11.0.min.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
Analyzer Verdict Alert quad9 Sinkholed
GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/rmrwkinuq/nbocr874282bcat/JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:39 GMT
ETag: W/"62e8238b-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv%2BgVs%2Brd4jT8VqB2EWetF52ZpTghXI7ij0L89aFILrtKCbknroF2insuEr7mwAhscBN3H%2F%2FBbYDaydz7mps04skB%2B4UM9xNL4dD62WlrIGlBuDrrExFT%2Bl%2FSeV9wE2IJTfRiykk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b245ac4b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/offer.php?id=373&sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
104.21.50.76200 OK 328 B URL HTTP/1.1 www.packdoor.sa.com/offer.php?id=373&sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
IP 104.21.50.76:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d78d2fd3874585164179a33d00ed21d9
76002b3281f707d42bc545e8039e089c753ca4e2
d051535a20e5fcec48a857ec62191b619aeea3db28eafaea31cd5a8d65c9cf20
Analyzer Verdict Alert quad9 Sinkholed
GET /offer.php?id=373&sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/rmrwkinuq/nbocr874282bcat/JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L37saPBZuPQ1tlI6%2FO5ZtWTOpKesBFe7Mr%2FYs5aFMjm9jKS%2BWAIcmdv6ahq3BwKW1qeW18vutjXEoZDA0DfXEbXHf3vNtns83l297ycPPhyX2J8ewQy7owRmjBlHhH8ObXkgBEQk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749a1b265df4b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 15:56:07 GMT
Expires: Mon, 12 Sep 2022 16:50:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KuXz6rB5a2pGFYVfkrOrPBOTUF6xw2K_PBqdW-eb3trbnNifZ7tUzw==
Age: 2881
www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
104.21.50.76200 OK 14 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
IP 104.21.50.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16084), with CRLF line terminators
Hash c928341d41145b139a72a91fb41fd590
a98b9d9ac17a1165844a1b38f8ad7b6169a24917
1ddd34251fa8988f5c3327497390e701de7bb4afbcf926a7aebc919d7d57bf37
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szfxD2Ytw83WBe3H6j2y36EZXAgOapJNp43gV08RUOU6p%2FP1l%2Br2Ht3mBDA5QSsUj%2BzAwFqvC7JSOBXweWCphFFaK4j2ytR2GfEO%2B4idLOCpf1xuzzBawePfchdkJFcAhTPNnA3g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749a1b273f18b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fast.wistia.com/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "631f569c-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Sep 2022 15:56:12 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 12 Sep 2022 16:44:08 GMT
age: 2768
x-served-by: cache-iad-kcgs7200062-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 68
x-timer: S1663001048.371047,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:08 GMT
Last-Modified: Mon, 12 Sep 2022 16:36:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.packdoor.sa.com/clicks/circaknee_files/blueshift.js
104.21.50.76200 OK 2.0 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/blueshift.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (4246), with no line terminators
Hash e510f0f99cb3baeac9c35553b8aec6f7
af64d1fc4bf5aa002596afa0d3c52a396ff69720
df549f295116025c11a3d9c8c4491963ba4f08ef3b3aa6eaa29542777cac70b1
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blueshift.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-1096"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GASOOnpPoz3D1q1I5r5R9cgtBEvJvJM0a6Yj5eDKekZodvuW7MjcC3p8Tx6APM0Pl6ycSbwOt4e0k%2F5jvrh9V0JRb8IV6dJPLQAs03xS60ixeoHG514cobkCafUPrj3W3cAVqQrH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b27f8c00b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/modernizr-custom.js
104.21.50.76200 OK 1.6 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/modernizr-custom.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (4277)
Hash 3b0b7910dbc74a70a84d5aaadd6dd5d8
ede9efa01f4f13ff72a4e0ec38f861fb0038997a
ffceb69c04fb2f1c15b6212bf27ab6a5e40522a273ad49fd3d4a05578f49d2c0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/modernizr-custom.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-114c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPGTukCrmbrutOrfMpgt6mgaWMZaoBXHVn%2Bz5VYt2SgqFh3jPcsTqZSlhKanMg2%2BTkzznCG%2BCFOjMzm%2Bb%2BM%2FXbviZAPFkMZSSwAKWbTVYLFQhy%2FuckoFB9edyZxbdEKgiVF60dy%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b280eb90af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/jquery-3.js
104.21.50.76200 OK 20 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/jquery-3.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (54348)
Hash 56fc9633833c473831b8772b20db4222
0f10326f6916de5303c92b3305ddcf3f64717242
0b64c12f01acfbac88bfac17bcfbe537a3be0c50ac7945309ca2a53378c930d6
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/jquery-3.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-d573"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgUDep6HCTTLjaCkfCcm0GJU3%2BfLd1dv%2FptRLYfPOVyblGhYxjrIszq%2FgvL%2BWQCcQf7MFcLmBY2U5meFbV6ahnrJBG9qi%2BMdagx%2BG35r4Ms%2FIzxXZRu692B66bsI%2B3rJrBrOp7dG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b28082bb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/blazy.js
104.21.50.76200 OK 2.0 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/blazy.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (4991)
Hash b8116e5ca2a0e5c405502b6ee3cc25c5
52992193091d2872454ff3015f5d1756fd6b67f0
a7ed5eb0e7d7f08e31b08c515cbd6f491e18583106a549d060f1b4941f85c506
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blazy.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-1448"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjhvbUxVufCpXkVSjHk4x84pEtO2Se1rEGpuifWZK7qhjNlvezYe5nrgVs4v%2FA3PqsNkCwLwgyzwt0fD4GK8jq2y3Kjj7yz8u4Zgg2fR9VYDlMO3IxsMh8z8SpGQTS3gGc9BqC%2FV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b28a9bc0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/css2.css
104.21.50.76200 OK 1.1 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/css2.css
IP 104.21.50.76:0
Hash 53163eba0cf2d43dc392eca69fc2bfca
6f8c761a3da4e24bf7061f156db65a9f540c9c6f
a06dd967385fb560f7d9cc68fe9c7ee4e9476d33c4f5416d17fd953d1c2b0421
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/css2.css HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-65d2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n4Ieg0FqKTDRVKj6XddeGkmbfQrtGFgCWWE1PE8g7TrN88t1tv80ksyZLt7DNohLC%2BupiOngsUjhKzeSeKTIjK11BYsYsSotIbMOjrHs0PXabYG6rNxQMFcMHfE2szpi83wvves"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b27fbef0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/ctrwowUtils-v2.js
104.21.50.76200 OK 11 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/ctrwowUtils-v2.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (33542), with no line terminators
Hash e6bde883be6ad8515c33ef779bd321f7
137f2bf9436f3f892c3e176da7429b171736d52f
9c1c652b9439d825b0a4bb12fc127a9a4b3397c1103becd5b6630541151bb11e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctrwowUtils-v2.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-8306"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ54NKWRp1WB6CzHqxtX1nxWRM%2FJiu60G1yWQZH9b4kUmZ4%2FA1jUgacfoWmhvHagZfbMhWptt8gdP0vSDNmVzYuV6%2FtFBkMPjenuBjegi%2Fpgn6HXI0bg07WS9dXMBVgTagjX%2BIUd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b28dfc50af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/pre-vsl.css
104.21.50.76200 OK 2.8 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/pre-vsl.css
IP 104.21.50.76:0
File type ASCII text, with very long lines (10514), with no line terminators
Hash a6194a7ab9c22bc59390745f841b48aa
a247bebbd2a37da8e811a7194f9328c84ec56170
a3f25cc361c9d1ac5f237abe450e0795863f6d635a2b54dd731320e24a4ccefc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/pre-vsl.css HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-2912"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqfHZ6St4hxnQpap%2FUvMVSt82vuT5961FpsxNt63iESAHznVZR8QL%2BZQQnFoiXSWVez3D1ujV4FyrqoJe5AJOscReCiOSY2kCpWnytIcLjeC%2FjXqEA3qXCBPey3h3ex6WBDdueEI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2939c1b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/gtm_002.js
104.21.50.76200 OK 68 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/gtm_002.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (62413)
Hash 6fdc4ea785ec4cc00f67e91ee7b38ba8
72458fb5a66d19067d7c24be9a9c7154925fd964
130d86eb0dbe7b3ec701e78d18f6982db50feffe7597e6241bf045776ed62b7f
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/gtm_002.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3e9e8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojEFEybSFn%2BC4HKvaL037NLxcxmyjs6trYLbIjH5amjfUH8IkEtBWTacKcexPq9%2F2db3zWXlx2hTrvgtxatKnagNvlRrEiKzKSzqwZlhFZOquJvD%2FjUpKpZL%2FcVeFvdo8QlAyAgk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b27fc69b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
104.21.50.76200 OK 3.0 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (8769), with no line terminators
Hash 53c890fc05fb6b6f2ba47d4efb27c270
1ddeb2e7e2457457afd49eb36ca322b8974b4503
f95f367cdc41e82a967eb190867b0a08dea30585fc45c0f4f5dcb43886d752bf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-2241"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLWXceD4NQkxX0LNDJ1LVWd4pIlP%2BiDlhcmwxAbnBnoz8O2%2FqtglTCm0Kv07vFOL%2BmXL%2Fid%2FYuC2uUsnnVLurFccJqfejk%2Bk%2FJWeLdDXsLg1cdCPvwP%2BUsVfLcthQgXmNKqFi2eG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b296de00b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/gtm.js
104.21.50.76200 OK 69 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/gtm.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (55397)
Hash 5fa1c01b5d91b87b894513a1abe72ebb
165aadc0a4a01222146e4f7281e592532da95796
5d4826e8ff74dba968c57d47d2bbe791508729c389d445abd680e608dbab39d0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/gtm.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3a09f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjuynAyUnpMwb1gedDUp2YCpEGwGKID3naGmCo6GaIFaU%2BoT%2BgbSe99Hnqi85Mp1njK6ajZOvkbfga1833J9ZAWXoBM%2BgaTCyPetOjPTODaOTzca%2B6XDa6%2BHZiBfiph9GEjMke89"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b28091c1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
104.21.50.76200 OK 9.3 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (30558), with no line terminators
Hash 1db1146a85840c35a9b14adf025fab66
8a96cbb216131380e65e2309ddc95102c4ca40b2
2cc882d7ca1ddde7f0b740d1715427768bb32a4058c613109ab107fb483203a7
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctr_heatmap_tracking-v1.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-775e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0Alpmb80qWARilq8GIC%2FXT26WFByFQQGkCXtdGxWXyG%2FmR61zqLRdF1MfczOs0daVHF81AUqM9COHTFxVO34tGiISkRYcEgc3x29A4KEbxX4EbaTI0OOnX2wOz2RgNbBQtwQ8fm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b29e8eb0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 10:09:08 GMT
expires: Wed, 06 Sep 2023 10:09:08 GMT
cache-control: public, max-age=31536000
age: 542100
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.packdoor.sa.com/clicks/circaknee_files/pre-vsl.js
104.21.50.76200 OK 4.3 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/pre-vsl.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (12372), with no line terminators
Hash f1bde3c479fc31ed81fa769c1385710e
238cec8e873157b500f313ba9b1b8ed32a632f3b
03a9e4b87446916d42182a7bc7912d2fd7d25d9efbdb4a13dae39834a3eab00e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/pre-vsl.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3054"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mX%2B62OWQy1Z%2BCAkKkGY0kso6nirvH7%2FC1JWi459UWgun4FaVtrOnX8ZExzWA6Yr65jMbEtYNSDOcEHjqbLLHQHibq56rWcQ3DD80TuqbZubtcP9df3SBTLg%2BH08mPH40Jd3mbon"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2a4ef50b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15732, version 1.0\012- data
Hash 80fe119e5efa3911b9d61b265f723b3d
34f751a1b1a0c1c0b5264b99f490e689db939657
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
GET /s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 21:52:56 GMT
expires: Sun, 10 Sep 2023 21:52:56 GMT
cache-control: public, max-age=31536000
age: 154272
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15828, version 1.0\012- data
Hash bf28241e67511184c14dbd0ef7d39f91
c706e0a4122ab727645b744c21667390e8898a4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
GET /s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 05:46:24 GMT
expires: Wed, 06 Sep 2023 05:46:24 GMT
cache-control: public, max-age=31536000
age: 557864
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
GET /s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 01:28:54 GMT
expires: Sun, 10 Sep 2023 01:28:54 GMT
cache-control: public, max-age=31536000
age: 227714
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.packdoor.sa.com/clicks/circaknee_files/blank.htm
104.21.50.76200 OK 548 B URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/blank.htm
IP 104.21.50.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blank.htm HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1pBhJy4zJ7cjz2lhQA9HBiE2UUbB4ZsK%2Bdh1v4%2FqXs9OjeDE%2BIshpnmpUUxAhG6731SK%2FSTOY%2BREc6f5%2BzEOkXEVz3YuS0i9UnARY9Xl%2BQqTU1cvlHkFv%2F0qfQhaPjiUnGUWHnd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 749a1b2a8bdd0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/dmca-badge-resize.webp
104.21.50.76200 OK 1.4 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/dmca-badge-resize.webp
IP 104.21.50.76:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9985d83ad8ac83764331a13b920ac486
6991872ac8abd1abd1045d20f355ce4b124de007
286198e6e4eaa35a618b8c9c954584d5d8c19bb0720228a0546bea63995285fa
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/dmca-badge-resize.webp HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: image/webp
Content-Length: 1386
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-56a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UsOLT6BZizmnP9r3X2t%2B7XrCRap83FC%2B7Hzftl%2B3la0hFvRiLl65O7eEEwYaZxbTpu15f%2B%2BckNb3r97Z7ar%2FwamMtMrRig9yMvePE%2FcQIUF7u6GwjNCCCwJq%2FeYAuz3Mf4t9Wy6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2ab9cd0af6-OSL
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/blueshift_wow.js
104.21.50.76200 OK 5.4 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/blueshift_wow.js
IP 104.21.50.76:0
File type Unicode text, UTF-8 text, with very long lines (15843), with no line terminators
Hash e65348c7a35e848a81cdfa547cffd09f
101070c91c21f9fe0ffd42fc17c8a0cfee2c56cd
4aa0a980550dad9808b8d4a80190720ad9c40d92b9e86c19919361a43d7745a0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blueshift_wow.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3e23"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1LEZhjvu3oFwoqkNdCh%2BmR%2FkV3bPbEWpF%2FP5tye4Na8UgiBnv7l2%2Fa9fwuBSc6fNqNfAypGOjSWiLXO7wYkKXs4YE31GOixYCH3iPycXpua2inZ%2FFFc%2BcHaofpQrqKn7P3t7Fra"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2a7c281c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/icon_shipping.webp
104.21.50.76200 OK 1.4 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/icon_shipping.webp
IP 104.21.50.76:0
File type PNG image data, 104 x 52, 8-bit colormap, non-interlaced\012- data
Hash ba2661585e30c45f0a39517480f9968f
bc126b42415e512f42aa551cc2af30e3d675ee8a
b8d83ff7d53074a841c50d8e17b38e41f8624b38f842fe4edad04f63fe9e4962
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/icon_shipping.webp HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: image/webp
Content-Length: 1431
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-597"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iQZuPMa1M8AP1fMjQotNeCsE29gh2uki180scmOi2gaxXB2VGUz4%2FqPcViGxet7pMYpKYmK2yX5YCwzDQJD6camVujjFsd%2BP%2BLHxPyMQT23dbx6KBevz5Vh63KKmjo2vNW2Y5WI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2b2cb20b65-OSL
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/blank_data/inject.css
104.21.50.76200 OK 928 B URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/blank_data/inject.css
IP 104.21.50.76:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blank_data/inject.css HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee_files/blank.htm
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-f28"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvutUeG6%2FUpCVIFfDHrEyWVc9yloYRnssBRbVxdaKfJW4stMtbl6R6zJxz%2B8flRETDgnts9bLsZxixAarBOzanSW4dR16FOvKjbnz8A2IUhpOID5jsU9rEGWHjOeMUr31veS2%2Byv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2b5af20af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/ctrwow_analytics.js
104.21.50.76200 OK 18 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/ctrwow_analytics.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (55555), with no line terminators
Hash b4122018c18e0056422bb66c626070ee
836971bf8615cf908a985bf6307537cb10a84d15
f8ade1457ef938e60eb3f133e0e26dfa9a6eef5e74fa1aff540b12d8fcea41cd
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctrwow_analytics.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-d903"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BrYi0nVV2sCYsGZ%2FzIfC83UCdgBLwF8N0zGq8skDFMHfBosgQG4YIr3MDeMcpC9880vYu9mDR0Y1b8Ck9hHVZmJvy2oBcfufIsdPt75JlWGScasAPBJLUPGr%2FDcIN3wEbFlZgco"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b29fac0b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
104.21.50.76200 OK 66 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
IP 104.21.50.76:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: image/webp
Content-Length: 65510
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-ffe6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1uwdpL%2FUwl3PRQwlp70NUWz%2FBPSIckpExUvPXc9R9cTmhVduWw63HfG3uQLGe5iwxUA2NlAdkqkg8zKZYVLBsXWSoIqNqc7v786MmC66VBfN2QjR6KlJdVLbsA6EESM2uNnVwrJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2aefbf0b55-OSL
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/caresole-logo.webp
104.21.50.76200 OK 11 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/caresole-logo.webp
IP 104.21.50.76:0
File type PNG image data, 250 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c5dbd2e1ce2316b00542d800ef78ce0
621e8e53b796f51192300283da10107a8ac30280
cfd90f4cf00eb0e2918940b49b27c69cade015d631b3d7ac31c227f624edcb83
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/caresole-logo.webp HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:09 GMT
Content-Type: image/webp
Content-Length: 11188
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-2bb4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lW1Z8J82EUvwrRfwYYT0%2BqLulbJzHkj2x%2B5fyNS8s7948HzPH7pKuh6ypUZMoedNFyn3CHpi1%2FvUlbCUxjZfiGWX5tuZ%2B9IVQQB4%2Fw8UEO0TuhGvbiKxaqcS%2FMI4RpZl62L%2F20UX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2b7d291c02-OSL
alt-svc: h2=":443"; ma=60
www.packdoor.sa.com/clicks/circaknee_files/E-v1.js
104.21.50.76200 OK 154 kB URL HTTP/1.1 www.packdoor.sa.com/clicks/circaknee_files/E-v1.js
IP 104.21.50.76:0
File type ASCII text, with very long lines (65459)
Size 154 kB (153756 bytes)
Hash aaaf417f60bc4b6154bc19e986c91100
cbec210ecfe93e0228665dd34c1ce55a5ad92cd2
5b77d5516120b74fe87c6940c863883d02db3306f138b897758e7abc4bd0dcbe
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/E-v1.js HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-9b796"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZojkGZv5CMdY0UQXByzwb7mtpRh4gqy7nVu7aBiOYy5JbCjGTpvH6HV1Yrui8J6u79zsO5Kj2uRDoCFf9FpkJhdvnISIHPrQQ0eQpuaAMj16d%2BpVPPn19rutPWnEnOFYzOkcbXi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b2a3fc4b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b0074a6aabb5f85650d75e8b9099bd4e
a93943c07d89dc0b887cdb7a1401b93f8a61866d
10929f35a8e415a548559ea180410433c73751a4e6649fbf49279ab9c805b4e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10929F35A8E415A548559EA180410433C73751A4E6649FBF49279AB9C805B4E3"
Last-Modified: Sat, 10 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8721
Expires: Mon, 12 Sep 2022 19:09:30 GMT
Date: Mon, 12 Sep 2022 16:44:09 GMT
Connection: keep-alive
api.sjpf.io/
75.2.10.96200 OK 208 B IP 75.2.10.96:0
File type ASCII text, with no line terminators
Hash e62a1be99ec6052b8ab27bef27f8ba55
6dd318e6f68cf460db3ca8f4920be498a7ab6725
70fe15add29e44e1170c20653d67825e2e5b64f91101ea9264015aad5a7a0e79
GET / HTTP/1.1
Host: api.sjpf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=2592000, immutable, private
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 208
date: Mon, 12 Sep 2022 16:44:09 GMT
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/wistia-mux.js
151.101.86.110200 OK 37 kB URL HTTP/1.1 fast.wistia.net/assets/external/wistia-mux.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 088055ee2e1d957c0747384fd644b01d
a05f4510e6127c5ba4a204a3de92f8e76ef3bc77
1213ca9a4ad31ab9d1bb8cc2c60517a48099dde403112d4251e5c5e94d996b24
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631f51b5-9121"
Last-Modified: Mon, 12 Sep 2022 15:35:17 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 37153
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:09 GMT
Age: 2769
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100049-IAD, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 4
X-Timer: S1663001049.412153,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
151.101.86.110200 OK 1.8 kB URL HTTP/1.1 fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
IP 151.101.86.110:0
File type ASCII text, with very long lines (5598), with no line terminators
Hash 811c8b70fcb71408084bcfc6409063aa
fab27ee6defd15c582bba82ad3202aa31c595d74
47fe984d9f8e8935d033bd424fda0632cc7cefa175536cb60ca54cd107e8f2b9
GET /embed/medias/wl3c973xo9.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
ETag: W/"1ca5795d52a352b559813a0d323b60ec"
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Referrer-Policy: strict-origin-when-cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: f333aae183752db7604d9b784619a130
X-Runtime: 0.046511
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1842
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:09 GMT
Age: 24949
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100025-IAD, cache-bma1669-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663001049.412251,VS0,VE1
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 16:41:12 GMT
expires: Mon, 12 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 177
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Sep 2022 16:44:09 GMT
expires: Mon, 12 Sep 2022 16:44:09 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/share-v2.js
151.101.86.110200 OK 16 kB URL HTTP/1.1 fast.wistia.net/assets/external/share-v2.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (51358), with no line terminators
Hash 85a8d5fcc8b3f06704fd016714106422
4f96f638aa290263c17b1ffaffa46b79a455c108
31f2f387f5ef6b9b4af68b82f98698abadabc11f0ad109868d8f000a2fdf7906
GET /assets/external/share-v2.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631f51b5-3d48"
Last-Modified: Mon, 12 Sep 2022 15:35:17 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 15688
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:09 GMT
Age: 2767
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200090-IAD, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 2
X-Timer: S1663001049.484214,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
52.176.5.241101 Switching Protocols 0 B URL HTTP/1.1 ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
IP 52.176.5.241:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?trackingId=5f8ea23018087a1c5c16753a HTTP/1.1
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.packdoor.sa.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gJJNUnY7ZS76OieMnTioJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Mon, 12 Sep 2022 16:44:09 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=5dd88b1b095b0bace916bbff8b6816e0a442269c15efc1ddf244384e7f96a14f;Path=/;HttpOnly;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
ARRAffinitySameSite=5dd88b1b095b0bace916bbff8b6816e0a442269c15efc1ddf244384e7f96a14f;Path=/;HttpOnly;SameSite=None;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
Upgrade: websocket
Sec-WebSocket-Accept: hTnVkOI9znHuzyFCVMEOZDQkJe0=
Origin: http://www.packdoor.sa.com
X-Powered-By: ASP.NET
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 674e46154bcffa9e4e8e65ef21e5cf7d
1e43bac3d1efaf5f670fda335d3b01b28f325810
cac5df6aaa6290a5733a43fab8c3dbf4af101dcf471dd92e7d1b40150abcd4d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 16:44:09 GMT
Server: ECS (dcb/7FA8)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XIL4V6B26ap2UbSeXiOy92olle5iBxYUqZp9yqXBe43iTdVtlpGGbg==
www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
54.230.111.52200 OK 1.0 kB URL HTTP/2 www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
IP 54.230.111.52:0
File type PNG image data, 128 x 127, 8-bit colormap, non-interlaced\012- data
Hash 0f351fbdf834a0dfa6b09ee104664762
1d0f4329ee8bd6e0f4fd1e89ba7b6e7feb4c117b
d4571ae92aa3e457bd64730f7bca11b74a0052faddd90e9c57560683ed538c11
GET /en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png HTTP/1.1
Host: www.buycircaknee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1048
date: Sat, 06 Aug 2022 01:37:32 GMT
cache-control: max-age=31536000
last-modified: Fri, 24 Jun 2022 10:36:10 GMT
etag: "0f351fbdf834a0dfa6b09ee104664762"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P8UYHSSnGeg9siCvLJUNt0dyABcn-5PquEkdHMjvdgSQZ4LIZpoAqA==
age: 3251198
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1663001037473&cv=9&fst=1663001037473&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.130200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1663001037473&cv=9&fst=1663001037473&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2726), with no line terminators
Hash f5c7d3ee1238308932bfe1d1cf693c5e
494be4edff196ae07e48ccde71bb5be09c7d189c
e42d57a767bcf73c600e25ce6431a59ceac737c2494963045df01d85339d9eac
GET /pagead/viewthroughconversion/781463602/?random=1663001037473&cv=9&fst=1663001037473&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:44:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1246
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Sep-2022 16:59:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
2.22.244.131200 OK 66 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
IP 2.22.244.131:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
GET /deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/webp
Accept-Ranges: none
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
content-disposition: inline
Last-Modified: Tue, 11 May 2021 01:11:50 UTC
surrogate-key: 624bfc51d2fcbc0ebaac400b53014447 thumbnail-delivery
Content-Length: 65510
Cache-Control: max-age=31037703
Date: Mon, 12 Sep 2022 16:44:09 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.net/assets/external/engines/manual_quality_video.js
151.101.86.110200 OK 25 kB URL HTTP/1.1 fast.wistia.net/assets/external/engines/manual_quality_video.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5f34fb143ebb48f3e8a42fca02878707
f9bc9126bf05c2caeec00cb8e6b7f3a926416ccb
c29ef5c516533467b029fdd597983988db8686147ce06180fa73758e02e024be
GET /assets/external/engines/manual_quality_video.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631f51b5-61b6"
Last-Modified: Mon, 12 Sep 2022 15:35:17 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 25014
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:09 GMT
Age: 2767
Connection: keep-alive
X-Served-By: cache-iad-kiad7000143-IAD, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663001050.879682,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fast.wistia.net/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/1.1 fast.wistia.net/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Type: image/gif
ETag: "631f569c-4be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Mon, 12 Sep 2022 15:56:12 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1214
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:09 GMT
Age: 2770
Connection: keep-alive
X-Served-By: cache-iad-kiad7000103-IAD, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 28
X-Timer: S1663001050.932719,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0b2a2a6770a37b7b3fdfb7bfcc796339
0bf5ef5a447f683e143785394775a08132833d0a
2619a1b834327e7774ff1bd62ab2caf6b812471e8c267c9c27d9e1706d50130f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 16:44:09 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9HIGeAScTQrd46i_naCGobKoAVG6_WTLvyU9zpsqux1FVabxqbj1hA==
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11456
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 16:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11456
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 16:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11456
Expires: Mon, 12 Sep 2022 19:55:05 GMT
Date: Mon, 12 Sep 2022 16:44:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 68538
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 67709
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 47114
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 33966
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 48502
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:57:43 GMT
age: 67587
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fp.ctrwow.com/
75.2.62.78403 Forbidden 75 B IP 75.2.62.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 41eff65d165da68dcac2f69e7c59c2f6
0d1ce4ccf439561d81f3b94ea5b5bb49c14b09d2
f58668c5141a2d470d5fc9da4319343dc9da65bf33ab8bdf68bbed2daafe2a7b
POST / HTTP/1.1
Host: fp.ctrwow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1027
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 12 Sep 2022 16:44:10 GMT
content-type: application/json; charset=utf-8
content-length: 75
server: nginx
access-control-allow-credentials: true
access-control-allow-origin: http://www.packdoor.sa.com
access-control-expose-headers: Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135383900-2&cid=346469217.1663001037&jid=52101647&gjid=1679525548&_gid=1388511152.1663001037&_u=YEDAAUABAAAAAC~&z=1774066199
142.251.1.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135383900-2&cid=346469217.1663001037&jid=52101647&gjid=1679525548&_gid=1388511152.1663001037&_u=YEDAAUABAAAAAC~&z=1774066199
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135383900-2&cid=346469217.1663001037&jid=52101647&gjid=1679525548&_gid=1388511152.1663001037&_u=YEDAAUABAAAAAC~&z=1774066199 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.packdoor.sa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Sep 2022 16:44:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=346469217.1663001037&jid=1485726142&gjid=618282282&_gid=1388511152.1663001037&_u=YEBAAUAAAAAAAC~&z=731821701
142.251.1.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=346469217.1663001037&jid=1485726142&gjid=618282282&_gid=1388511152.1663001037&_u=YEBAAUAAAAAAAC~&z=731821701
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=346469217.1663001037&jid=1485726142&gjid=618282282&_gid=1388511152.1663001037&_u=YEBAAUAAAAAAAC~&z=731821701 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.packdoor.sa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Sep 2022 16:44:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/781463602/?random=1663001037473&cv=9&fst=1662998400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=2917457208&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/781463602/?random=1663001037473&cv=9&fst=1662998400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=2917457208&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/781463602/?random=1663001037473&cv=9&fst=1662998400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=2917457208&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 16:44:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/playPauseLoadingControl.js
151.101.86.110200 OK 18 kB URL HTTP/1.1 fast.wistia.net/assets/external/playPauseLoadingControl.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (59748), with no line terminators
Hash 5ace5f22e80cd593e867b5494ab1db8a
dc3232d86ae6f6d9c81a95aeff2d7da3e74b1b5a
8caefe5996d4051f4f46508718c00d036883284e39abdf3ad55bfbd5211c6d0c
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631f51b5-4564"
Last-Modified: Mon, 12 Sep 2022 15:35:17 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 17764
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:10 GMT
Age: 2769
Connection: keep-alive
X-Served-By: cache-iad-kiad7000148-IAD, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 4
X-Timer: S1663001050.126375,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
cdn.getblueshift.com/blueshift.js
54.230.111.92200 OK 2.0 kB URL HTTP/1.1 cdn.getblueshift.com/blueshift.js
IP 54.230.111.92:0
File type ASCII text, with very long lines (4407), with no line terminators
Hash e180e60ec878d69551a1c449b37c6552
41e08b360ccf3b35947abcf709f1cc249f6393c6
daa4b9339673c9cce7e986f05b60b11f5773108503f83ce2f81464fc470f254c
GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1990
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 12 Sep 2022 16:09:33 GMT
Cache-Control: max-age=3600
ETag: "e180e60ec878d69551a1c449b37c6552"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: suAWK1jj_ZwdkGh0aCJYFhzRUA2AfhmX7penory1v6AZii7LwSe39Q==
Age: 2077
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 16:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/assets/external/E-v1.js
151.101.86.110200 OK 150 kB URL HTTP/1.1 fast.wistia.com/assets/external/E-v1.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149599 bytes)
Hash 0f19f3f2dd4894d63369c3176cc1e5ea
34a499a789f0abd4f646a01047656d94e8192d1f
c3d8210c2253d29cbe67927ceac5a61f1eccfc1e2289118a7373f42d98207a4f
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631f51b5-2485f"
Last-Modified: Mon, 12 Sep 2022 15:35:17 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 149599
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:10 GMT
Age: 2770
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200148-IAD, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 2
X-Timer: S1663001050.182053,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
www.packdoor.sa.com/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
104.21.50.76404 Not Found 116 B URL HTTP/1.1 www.packdoor.sa.com/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
IP 104.21.50.76:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534 HTTP/1.1
Host: www.packdoor.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/clicks/circaknee.php?sid=992793&h=JXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM/Z00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
Cookie: _gcl_au=1.1.840765583.1663001037; _ga=GA1.3.346469217.1663001037; _gid=GA1.3.1388511152.1663001037; _gat_gtag_UA_22484186_3=1; _gat_gtag_UA_135383900_2=1
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 16:44:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBIXA0wE59MVKauk%2FVMPvXwCAiiwSVSMR7rldAbjxqWFiXgQUVQOYHDqD%2Bga6Ln2E0lJPuC80ZsVCOt1mVxYvlEO5jHHXb5LE%2BsXDhyxEP75bT87ISBv5ktDBKjp92ey3N0z3DVd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749a1b336e58b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash cb395520fb1fd1972ae899697352886b
3cec66b73942344dc3ec3cc18e63517598b89b1f
5b366a49c7e8041cc78a39cf040d05bed3c4d376daeb1732570ad21b8b461881
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 16:44:10 GMT
Last-Modified: Mon, 12 Sep 2022 14:58:28 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JMq8FoFqSZXiIoAAopWVVJTWEFLimBxVqaIodVUpFm3wP6-R0sChkQ==
Age: 6342
distillery.wistia.com/x
3.227.165.195204 No Content 0 B IP 3.227.165.195:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1288
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 16:44:10 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 97d1bc78d4745eb507bf0d8febe0fbd3
2a640e92e27faff80ccf278d77a303dd9298c285
88bbaf3752be1966f6233316cc8b50156eac034ed178195852dc2d281d874fc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 16:44:10 GMT
Last-Modified: Mon, 12 Sep 2022 16:26:11 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Nh3bign8mTF9hET6EBU4Tca_yhIF-gtGeKV5ormqZnpHYd03CuFdoQ==
Age: 1079
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 97d1bc78d4745eb507bf0d8febe0fbd3
2a640e92e27faff80ccf278d77a303dd9298c285
88bbaf3752be1966f6233316cc8b50156eac034ed178195852dc2d281d874fc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 16:44:10 GMT
Last-Modified: Mon, 12 Sep 2022 16:28:46 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mUXB9bbcwy3iXaH_Pf7jbmxVD2K7F0hzzZVORtdjgoagBeNcDpF_qg==
Age: 924
pipedream.wistia.com/mput?topic=metrics
52.44.213.33200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP 52.44.213.33:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 2161
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
fg8vvsvnieiv3ej16jby.litix.io/
34.230.191.203200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 34.230.191.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.packdoor.sa.com/
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Mon, 12 Sep 2022 16:44:10 GMT
Content-Length: 0
Connection: keep-alive
fg8vvsvnieiv3ej16jby.litix.io/
34.230.191.203200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 34.230.191.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1515
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 16:44:10 GMT
Content-Length: 0
Connection: keep-alive
distillery.wistia.com/x
3.227.165.195204 No Content 0 B IP 3.227.165.195:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1276
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 16:44:10 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/allIntegrations.js
151.101.86.110200 OK 6.2 kB URL HTTP/1.1 fast.wistia.net/assets/external/allIntegrations.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (21488), with no line terminators
Hash 479c3d43fc32adefbc7b0a21729a27de
03bc95db80884138c4c02e5ee4d0289c02fc3313
9da99cb5d6f56332e08a440bdecef3faf7788190b607e9fe9bb736028289301c
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631f51b5-1862"
Last-Modified: Mon, 12 Sep 2022 15:35:17 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 6242
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 16:44:11 GMT
Age: 2771
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200149-IAD, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663001051.131729,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
pipedream.wistia.com/mput?topic=metrics
52.44.213.33200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP 52.44.213.33:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 2161
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:11 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
api.getblueshift.com/unity.gif?t=1663001039&e=pageload&r=&z=370560&x=13c25a652e2a0c05cb06a3b1dba09a85&k=593d5382-aa5f-f02d-e5b3-491c384df2f7&u=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
18.236.27.0200 OK 0 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1663001039&e=pageload&r=&z=370560&x=13c25a652e2a0c05cb06a3b1dba09a85&k=593d5382-aa5f-f02d-e5b3-491c384df2f7&u=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
IP 18.236.27.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /unity.gif?t=1663001039&e=pageload&r=&z=370560&x=13c25a652e2a0c05cb06a3b1dba09a85&k=593d5382-aa5f-f02d-e5b3-491c384df2f7&u=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://www.packdoor.sa.com/
Origin: http://www.packdoor.sa.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:11 GMT
Content-Length: 0
Connection: keep-alive
access-control-max-age: 86400
access-control-allow-origin: http://www.packdoor.sa.com
access-control-allow-methods: PATCH, DELETE, POST, HEAD, GET, OPTIONS, PUT
access-control-allow-headers: if-none-match, x-requested-with, if-modified-since, x-api-key, content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
api.getblueshift.com/unity.gif?t=1663001039&e=pageload&r=&z=370560&x=13c25a652e2a0c05cb06a3b1dba09a85&k=593d5382-aa5f-f02d-e5b3-491c384df2f7&u=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
18.236.27.0200 OK 42 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1663001039&e=pageload&r=&z=370560&x=13c25a652e2a0c05cb06a3b1dba09a85&k=593d5382-aa5f-f02d-e5b3-491c384df2f7&u=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu
IP 18.236.27.0:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /unity.gif?t=1663001039&e=pageload&r=&z=370560&x=13c25a652e2a0c05cb06a3b1dba09a85&k=593d5382-aa5f-f02d-e5b3-491c384df2f7&u=http%3A%2F%2Fwww.packdoor.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D992793%26h%3DJXFGKpRGfpgyryi4ySE0NNyenVP7HoefG0LT_jX7jpM%2FZ00GI0IppNNRX3OZ9uCSUlrxPfQRhCokoYQILOInRmNOxsxYj_LRjYNflmTelYitNGXx6-pQg_mHZoy__bG112E_SxSuvpbCYUY5dKPBF7f_fss8lHXFBfsBwNUKVuKu HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Api-Key: 13c25a652e2a0c05cb06a3b1dba09a85
Origin: http://www.packdoor.sa.com
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 16:44:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
access-control-allow-origin: http://www.packdoor.sa.com
access-control-expose-headers: etag
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
static.hotjar.com/c/hotjar-1450693.js?sv=7
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1450693.js?sv=7
IP 54.230.111.113:0
GET /c/hotjar-1450693.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.packdoor.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 16:43:53 GMT
cache-control: max-age=60
etag: W/0291b398af80fa6fc18a8b708dba3f3f
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c8ESRsbOZABPm6X04LQBUK6en28JsI8hF1NvME2bRk8gMjXR4XACGw==
age: 16
X-Firefox-Spdy: h2