fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
207.120.33.44301 Moved Permanently 275 B URL HTTP/1.1 fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
IP 207.120.33.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4d3a86d3104856b71c33b3b51ae35210
0ee5ce91b430f4db0ed5800984020d49afe6ce19
0bfbb0397ece34bc932bd69844d752639e793f447695f01dcde9054dc5dca7ba
GET /dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366 HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 04:57:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 275
Connection: keep-alive
X-Varnish: 8670267
Location: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Retry-After: 5
section-io-id: b0655b9ce3c33dc60b1d0d20873ec1a8
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hFSgNChw_MydwkS1nhHmKMvIfeRqonjILIgEOwRrp91fAK9rJEXh2Q==
Age: 47415
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9744
Expires: Thu, 06 Oct 2022 07:39:57 GMT
Date: Thu, 06 Oct 2022 04:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16059
Expires: Thu, 06 Oct 2022 09:25:12 GMT
Date: Thu, 06 Oct 2022 04:57:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +9DJEGaVTDbi+U4vvc3WOXCdo531VDozIDZiE0+udNL0xkWsLdX5tT4Uircz0apEgHAEHqgP7WA=
x-amz-request-id: SG1WN7AAWQ3B6N4E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 04:30:38 GMT
age: 1615
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 04:57:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dd5eff183562464a7afd5f9143dda9b5
e1f5a9929d6370326ea2ac433f4c983306c50e76
0caaeb8ac2c904f1bad71fa22077327930d8a50d5569876d2cab8db6b78f71df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0CAAEB8AC2C904F1BAD71FA22077327930D8A50D5569876D2CAB8DB6B78F71DF"
Last-Modified: Mon, 03 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Thu, 06 Oct 2022 10:57:07 GMT
Date: Thu, 06 Oct 2022 04:57:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 04:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 04:46:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vE43WAJsr7E34S7YT7vkJ7uiBKx7-zfabpnz5lULghA1UurJGyeXxQ==
Age: 1673
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5316
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:57:34 GMT
Last-Modified: Thu, 06 Oct 2022 03:28:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
152.199.19.160200 OK 12 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32405)
Hash 29aaadd88feae1cc97337661a34bb99f
bf5c684d3c1dbeb119557404136ba91ae45d07b5
d4af778947d9005af87a62b411f328d3512edc6f9594ee46f0a34a57e6ef3c95
GET /ajax/bootstrap/3.3.2/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 24384664
cache-control: public,max-age=31536000
content-type: application/javascript
date: Thu, 06 Oct 2022 04:57:34 GMT
etag: "194598e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:58 GMT
server: ECAcc (ska/F68B)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12247
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:57:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:57:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.106200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 23:13:29 GMT
expires: Thu, 05 Oct 2023 23:13:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 20645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/images/ajax-loader.gif
207.120.33.38200 OK 3.2 kB URL HTTP/2 fdsygtnght.com/common_tpls/images/ajax-loader.gif
IP 207.120.33.38:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: c242d22371620c6a7eb99accc0ef323e
x-varnish: 9244735 8397352
age: 20843
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: be6d5af3a301d8aff10b400600aa1861
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-208203304-1
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208203304-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash be621191b6234e94fb2efd2603cb1a7f
1cb18e6a477206923ccfaf927adef6ed3a6ac7cb
fe62ce5637229504321d27031478968d649f9c946c69ceb1bf685a661e537677
GET /gtag/js?id=UA-208203304-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 04:57:34 GMT
expires: Thu, 06 Oct 2022 04:57:34 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/images/cvv-visa.gif
207.120.33.38200 OK 10 kB URL HTTP/2 fdsygtnght.com/common_tpls/images/cvv-visa.gif
IP 207.120.33.38:0
File type GIF image data, version 89a, 259 x 181\012- data
Hash b61e0dd19d8380f60d8f1801a0811cc4
07448b05b4389e6cbde1df160daccc03c122df6b
fe43178cc763c4d8a188b8743fcb663ff67b6783b3639a622a8b053df03989d0
GET /common_tpls/images/cvv-visa.gif HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: image/gif
content-length: 10421
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-28b5"
section-io-cache-id: ca2ca61955cda3073330e06bab2fdca3
x-varnish: 8451502 8560741
age: 20894
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 3cbbf21670b26f906e2c9484428b87fb
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:57:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M7V1vuH5sn+OkNDEvUXMvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GYQ8wIkCVft/g7Gs+rxQ7fF/o0U=
fdsygtnght.com/common_tpls/js/validate_form_v2.js?jsv=26
207.120.33.38200 OK 6.2 kB URL HTTP/2 fdsygtnght.com/common_tpls/js/validate_form_v2.js?jsv=26
IP 207.120.33.38:0
Hash ef377514eeded4fb707bb124a0e8f1da
a719ad231d7c7a5c03f82428d7077d500216712a
6b6b05d3517e41d94909712c08fd86c4658ebcbe17e7d33029b8e1e989e02d9c
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/validate_form_v2.js?jsv=26 HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 04 Oct 2022 17:00:20 GMT
etag: W/"633c66a4-5feb"
section-io-cache-id: ce6a428b38fcf71ed217701ce6829f73
x-varnish: 8899025 7660484
age: 20894
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 8113164769d368ce05fcf3e583692ca7
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/images/card_brand/ccLogo.png
207.120.33.38200 OK 3.5 kB URL HTTP/2 fdsygtnght.com/common_tpls/images/card_brand/ccLogo.png
IP 207.120.33.38:0
File type PNG image data, 100 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 1dfe29ecc79e8f04d9e6e8a87e228a76
35d16e8a8465feb8abd1b98411ff59e69e7db0ca
7e10d759aa6bca603fe983e531f620ae4db54257079f85c049eb10b8a574a14b
GET /common_tpls/images/card_brand/ccLogo.png HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: image/png
content-length: 3466
last-modified: Fri, 29 Apr 2022 14:18:41 GMT
etag: "626bf3c1-d8a"
section-io-cache-id: bfa74ab540eedf27b56ddf0f754e3bb3
x-varnish: 8899026 7985349
age: 13547
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e158c207368fa1aba23677b13717fc23
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/compactTokens/css/c4upgradeD.css
207.120.33.38200 OK 35 kB URL HTTP/2 fdsygtnght.com/common_tpls/compactTokens/css/c4upgradeD.css
IP 207.120.33.38:0
File type ASCII text, with very long lines (436)
Hash 57c2f141bdc7addf6ad6ee1826fe25ea
c5813f144e9bbac4e678ea578dee1b606f55d0f7
3dd7503e55f56e4811bfc766456d5bf68b38d752f2efc98451e4e073f764443a
GET /common_tpls/compactTokens/css/c4upgradeD.css HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/css
content-length: 35442
last-modified: Thu, 29 Apr 2021 19:43:40 GMT
etag: W/"608b0c6c-2e03d"
content-encoding: gzip
section-io-cache-id: edcabaa7e91ca4fd0daf96b4c517d38e
vary: Accept-Encoding
x-varnish: 9252793 8899971
age: 9339
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: c345fc9e6feb82d0520f77748d511c6b
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/css/animate.min.css
207.120.33.38200 OK 6.6 kB URL HTTP/2 fdsygtnght.com/common_tpls/css/animate.min.css
IP 207.120.33.38:0
File type ASCII text, with very long lines (54696)
Hash bfc76ef8b7acb84ba71a9c86d1550bd6
584710e136922df85e3e1511bf34a96fa8e8ab1b
644cb612025371f9a35904715214a6d352cb22ea7f397b952b53d97bb37857d6
GET /common_tpls/css/animate.min.css HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/css
content-length: 6609
last-modified: Fri, 10 Jun 2016 19:09:48 GMT
etag: W/"575b107c-da24"
content-encoding: gzip
section-io-cache-id: d1569b024b59818a99a395ac0169085f
vary: Accept-Encoding
x-varnish: 8670280 7764175
age: 9339
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 0be38aaa51c39e2dd9ba606905d022a7
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/compactML/img/cashu/mst_b.svg
207.120.33.38200 OK 1.2 kB URL HTTP/2 fdsygtnght.com/common_tpls/compactML/img/cashu/mst_b.svg
IP 207.120.33.38:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7c9b9d497fbf8cf3fedf4a53f2d07988
10d09d19e27325fe5a30cd315512586cf966ca10
a4f5dd47e0e008f96278cd2a0e97e40afa5c5938290cfb69a0d1b35c20fcc103
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/compactML/img/cashu/mst_b.svg HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: image/svg+xml
content-length: 1241
last-modified: Fri, 29 May 2020 14:52:59 GMT
etag: "5ed121cb-4d9"
accept-ranges: bytes
x-varnish: 8799905
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 80d0e69bf1053509bd15bf8b7e1d536b
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/compactML/img/cashu/visa_b.svg
207.120.33.38200 OK 1.6 kB URL HTTP/2 fdsygtnght.com/common_tpls/compactML/img/cashu/visa_b.svg
IP 207.120.33.38:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (324), with CRLF line terminators
Hash 72f17eacdab2579f572e6f70841815d0
ae82eb863c1e221406eb47d76698a3ad357f8577
80342c7a1da0d1ab960235ce8570a0b05abee0d4ecd03168170895c5cce0a810
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/compactML/img/cashu/visa_b.svg HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: image/svg+xml
content-length: 1560
last-modified: Fri, 29 May 2020 14:52:59 GMT
etag: "5ed121cb-618"
accept-ranges: bytes
x-varnish: 9244736
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: cfcc6ab9357c25df1b621039642ec187
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
104.18.22.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fdsygtnght.com/
Origin: https://fdsygtnght.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 211578
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd1297fa0b524-OSL
X-Firefox-Spdy: h2
kit.fontawesome.com/83bab90c30.js
104.18.22.52200 OK 58 kB URL HTTP/2 kit.fontawesome.com/83bab90c30.js
IP 104.18.22.52:0
File type ASCII text, with very long lines (54322)
Hash 1da75411b25e66640361afdc1d83acb0
b5330a43833b960fa418abe106f1bae0424c5d54
8696d0e5e45f200396d2f6c1f397148fa4880d282a0dec24cc92e635ed314fde
GET /83bab90c30.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxtiA5Br0i-fqP5VRHhC
cf-cache-status: MISS
server: cloudflare
cf-ray: 755bd127aea0b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
104.18.22.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fdsygtnght.com/
Origin: https://fdsygtnght.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 211578
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd1296f9eb524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=83bab90c30
104.18.22.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=83bab90c30
IP 104.18.22.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=83bab90c30 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fdsygtnght.com/
Origin: https://fdsygtnght.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd1297fa4b524-OSL
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/js/wow.min.js
207.120.33.38200 OK 10 kB URL HTTP/2 fdsygtnght.com/common_tpls/js/wow.min.js
IP 207.120.33.38:0
Hash ebbadc4a2bcea8da3f2a1454cc6d9a61
36d1fe2430e337f7e0c1bfd49b496dcd23694629
3c3a08fef2396a78aafa19cc99c9bce253f2c096177e1695defd32b97ea54810
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/wow.min.js HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 10 Jun 2016 19:09:48 GMT
etag: W/"575b107c-1ff6"
section-io-cache-id: 23e28e9293a32923b3360f397eb769ed
x-varnish: 8799907 7665242
age: 9339
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 546c55860b190b55ef20a3184d8c180f
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
104.18.22.52200 OK 58 kB URL HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP 104.18.22.52:0
File type ASCII text, with very long lines (54322)
Hash d04ab01f6c5f0fe7c725b11894a5fc19
b521d532a1f5edab45e9ee81e8142cf25d9e7877
bba0bfb776b9bdb3711d3c3af4bf941892c27850d26c8aaff39feaa81ae7b2cc
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxqhPkS3EeYZPMt-XkKh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 755bd127ae9fb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
IP 216.58.207.195:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Hash 616162505562da6dd7d3fe8a88a6a1d9
70dd3d073d70303067a5ebe333a4b5f2a127ce77
44897b4874c9a361177e9422bf3f7436b096e9710d76a1b447e9ac54291fd906
GET /s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc9.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 06:55:15 GMT
expires: Wed, 04 Oct 2023 06:55:15 GMT
cache-control: public, max-age=31536000
age: 165740
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxP.ttf
216.58.207.195200 OK 68 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxP.ttf
IP 216.58.207.195:0
File type TrueType Font data, 22 tables, 1st "GDEF", 50 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 3.004; 2020Roboto-Regularhtt\012- data
Hash 6b83ffc2e7cd43247f91f2f00f3c9619
c1f4f5e233bd1483ebe0b014dbddd0fe36c9b854
505bc6d5bfa099bc25d58aac817cc9c71ba85b6b4e5e930e23d586f6d687c717
GET /s/roboto/v27/KFOmCnqEu92Fr1Mu4mxP.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 68223
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 07:49:42 GMT
expires: Fri, 29 Sep 2023 07:49:42 GMT
cache-control: public, max-age=31536000
age: 594473
last-modified: Tue, 21 Sep 2021 23:13:53 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:57:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc9.ttf
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc9.ttf
IP 216.58.207.195:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh\012- data
Hash 875dbeec32ddbb9dd4142c95af4ef75a
a7835b96de409dfe14d112e864339ae9a14fa206
3a8723f3973aed8a7a8cdbe91914f0c69c4c1da55ee60a8ab5a9eade58bacdfd
GET /s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc9.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20814
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 18:20:28 GMT
expires: Mon, 02 Oct 2023 18:20:28 GMT
cache-control: public, max-age=31536000
age: 297427
last-modified: Mon, 05 Apr 2021 21:10:41 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
IP 216.58.207.195:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Hash e33c42604152499bd05b70b7969ba1a1
c45c45512da469bdefa0858d01a3d18e5d23d51b
c4ddf75e9c8f38bdf3b676c81f8431578e9df591fa265558b4baa84dccda2696
GET /s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc9.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 03:47:49 GMT
expires: Tue, 03 Oct 2023 03:47:49 GMT
cache-control: public, max-age=31536000
age: 263386
last-modified: Mon, 05 Apr 2021 21:10:45 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.38200 OK 36 kB URL HTTP/2 fdsygtnght.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.38:0
File type ASCII text, with very long lines (42914)
Hash 525262514308847d704894f7cf6fcbee
86d118fcf48496d11266ad8a8d05017595a68e62
29c5bdb5b406eb399df9bea861b81db68400ff38aa6ae4992e9053095f73dd27
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 73e2126805a6c91b672f05868a43c4be
x-varnish: 9309936 7660505
age: 20891
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: a66b4c9552ad19f333d93d659f9d3f44
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.11.woff2
104.18.22.52200 OK 4.0 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.11.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 3960, version 331.-31196\012- data
Hash 355c8968defbaf0564bdbba6d41b320f
97bf69a3c7750997caa05e9b20f49739841f0a95
a99869e51e3c5a515bb290ca6f1aa885a2feac8d58984a5e39dd3030e663f9e5
GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.11.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 3960
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35c-f78"
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 211579
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12b98eab524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.9.woff2
104.18.22.52200 OK 7.7 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.9.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 7732, version 331.-31196\012- data
Hash e626d400db3ab37ee6dbdde07b490ced
7c6baebac33353aab4ca0ca5a0caaa0c6a9e770b
b7fb99816108e6e66c7d6d5c3bc0fc270cd4875ec80c68685442dd102ae7acd2
GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.9.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 7732
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35d-1e34"
last-modified: Wed, 04 Aug 2021 18:58:37 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12bc904b524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.6.0.woff2
104.18.22.52200 OK 10 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.6.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 10280, version 331.-31196\012- data
Hash f66d9938a5cb171b9ca08b2bcd334b1f
3fc8fe2898c63fc6b1f48ff5404d68a7ef446f32
889d04807befa3a57255f4e49352eb64e1debab4134e8c20395a701b899aa579
GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.6.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 10280
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-2828"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12bc906b524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.13.woff2
104.18.22.52200 OK 6.0 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.13.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 5964, version 331.-31196\012- data
Hash 8546b825eb71e91047604d1689b1334a
c9cf37b39f802db4058fdaa8ca75d5729f7778ab
ef8f8838ef61f54522e3b369a8f43c0512750407a421a7e10354cfead7f5da48
GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.13.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 5964
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae360-174c"
last-modified: Wed, 04 Aug 2021 18:58:40 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12bc90ab524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.10.2.woff2
104.18.22.52200 OK 16 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.10.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 16248, version 331.-31196\012- data
Hash 054b33973fedb68ef21f74b9d142acb4
a35f1a776ba0fd2089c0868f62b51a240782e75d
e272d442a9319692de4cc42fa2de41167f7f3731f247aa94399e07230f2ae46f
GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.10.2.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 16248
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35d-3f78"
last-modified: Wed, 04 Aug 2021 18:58:37 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12bc908b524-OSL
X-Firefox-Spdy: h2
fdsygtnght.com/favicon.ico
207.120.33.38404 Not Found 9.0 kB URL HTTP/2 fdsygtnght.com/favicon.ico
IP 207.120.33.38:0
Hash ce4a698ef835b5ef8560817f21042cde
1e5da3cd092c1b6d5969d7be0d489ba609936b98
dad077ec5fbff2b807b0dfc5f19f3d251123cac6f556f5cb8d83795ee03de598
GET /favicon.ico HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: text/html
vary: Accept-Encoding
x-varnish: 8799912 7995266
age: 56
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 68fd0b8f13ada38b60a1e6a57b8cd002
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/compactTokens/less/c4upgrf2/fonts/slick.woff
207.120.33.38200 OK 7.7 kB URL HTTP/2 fdsygtnght.com/common_tpls/compactTokens/less/c4upgrf2/fonts/slick.woff
IP 207.120.33.38:0
Hash ede1d88b0f44c8642990a5a64438318e
d8707a24d7b4a50bfbd22f3f28bc83640f9687f0
62aee469ac8f7265e06c2a2783d466e67dfba13855119f17dac68d66094230df
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/compactTokens/less/c4upgrf2/fonts/slick.woff HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fdsygtnght.com/common_tpls/compactTokens/css/c4upgradeD.css
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: application/font-woff
content-length: 1380
last-modified: Thu, 11 Jul 2019 19:01:00 GMT
etag: "5d27876c-564"
section-io-cache-id: ed688f93f73bf28e143437144851d408
x-varnish: 9196243 9210414
age: 13535
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 23f7804329e51dc4d09b4d09e8a2875f
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.11.woff2
104.18.22.52200 OK 3.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.11.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 3180, version 331.-31196\012- data
Hash 2dc6cffe9cc9fdda8734b48e4b49fd64
4e48901debac80981630a7fbb2a9d4ce7b611109
7cc42a9f8bf43bf7414d6f762c756fad09d90134bab450e423902af5facd2408
GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.11.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 3180
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae360-c6c"
last-modified: Wed, 04 Aug 2021 18:58:40 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12c5965b524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.10.2.woff2
104.18.22.52200 OK 13 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.10.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 13268, version 331.-31196\012- data
Hash 4a18bee89aa2256ef1c2cc9380552229
ff12ccbac7df0ff36d29ce91b42c43d5fd662cf6
46fa33cc9340603e767415c1829c08b91f3a3680b9800047dbc1bda91b8eb0ac
GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.10.2.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 13268
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae361-33d4"
last-modified: Wed, 04 Aug 2021 18:58:41 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12cc99fb524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2
104.18.22.52200 OK 38 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 37796, version 331.-31196\012- data
Hash 6cdf281bc8af0068561fe6aa361a6a0b
4b11f830ee1b852b8aa46ea7e4cfe709a327bf58
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17
GET /releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 37796
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae351-93a4"
last-modified: Wed, 04 Aug 2021 18:58:25 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 211579
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12d39eeb524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
104.18.22.52200 OK 20 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 19784, version 331.-31196\012- data
Hash c7682b8035fc1d1672d6455631813794
9e2955e5e55b3073e229c218724406425862d4a1
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: font/woff2
content-length: 19784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-4d48"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 755bd12d39ecb524-OSL
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 06 Oct 2022 04:57:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 387
x-timer: S1665032256.704706,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2237&ck=1&ref=https://fdsygtnght.com/dofadd/&ap=78&be=1131&fe=2154&dc=1557&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665032253482,%22n%22:0,%22f%22:295,%22dn%22:303,%22dne%22:305,%22c%22:305,%22s%22:410,%22ce%22:689,%22rq%22:689,%22rp%22:1010,%22rpe%22:1010,%22dl%22:1045,%22di%22:1546,%22ds%22:1556,%22de%22:1560,%22dc%22:2153,%22l%22:2154,%22le%22:2158%7D,%22navigation%22:%7B%7D%7D&fcp=1477&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2237&ck=1&ref=https://fdsygtnght.com/dofadd/&ap=78&be=1131&fe=2154&dc=1557&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665032253482,%22n%22:0,%22f%22:295,%22dn%22:303,%22dne%22:305,%22c%22:305,%22s%22:410,%22ce%22:689,%22rq%22:689,%22rp%22:1010,%22rpe%22:1010,%22dl%22:1045,%22di%22:1546,%22ds%22:1556,%22de%22:1560,%22dc%22:2153,%22l%22:2154,%22le%22:2158%7D,%22navigation%22:%7B%7D%7D&fcp=1477&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2237&ck=1&ref=https://fdsygtnght.com/dofadd/&ap=78&be=1131&fe=2154&dc=1557&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665032253482,%22n%22:0,%22f%22:295,%22dn%22:303,%22dne%22:305,%22c%22:305,%22s%22:410,%22ce%22:689,%22rq%22:689,%22rp%22:1010,%22rpe%22:1010,%22dl%22:1045,%22di%22:1546,%22ds%22:1556,%22de%22:1560,%22dc%22:2153,%22l%22:2154,%22le%22:2158%7D,%22navigation%22:%7B%7D%7D&fcp=1477&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:57:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 755bd12e8d330af6-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=adb67ce040ad640d; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5349
Expires: Thu, 06 Oct 2022 06:26:45 GMT
Date: Thu, 06 Oct 2022 04:57:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 25120
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2d931d10ab5596a26616db46797f248
03bc7fa2fe6a4b291dc3ffb3ace50e21cf6478f4
15ac08b069bf5128c8def9d261ce1bd3834fbe7bbb17c49b69c07330a9f325fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7597
x-amzn-requestid: 1c7002f7-2369-4547-82ff-b873f7b055b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmFarIAMFTtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-785f9ddd7c8485be32388494;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9EP_hd2oRC9R-2ihddWSJIUV5xTGSiUOxNfAypAFXtiyU6ofgKVGzw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:26:45 GMT
age: 1851
etag: "03bc7fa2fe6a4b291dc3ffb3ace50e21cf6478f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:50:38 GMT
age: 4018
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72ad6f9b79e7a3d11e3ace6b0e969614
a9cd62230d4aabfcc2e8b2494e687d854254113e
1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 25490
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: f3cb33c4-26b6-4fd8-9293-dfb42be34600
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZiEZ4IAMFvLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-424459547db8b3d721d75e54;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: q70sezhl0h-lASzUDh5_WQ6KraRa3fWYl_tO0iuE0CpbJ5GeiihgMw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
age: 26430
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5958f828ccc16a41b22d9ae812bccfc
f350f295dd70152712162d4be5b3b5f0d12cde57
230d7d8e570e433d18ec53b6ca114e2a206e8c265c0c66d73388c49db5c91c64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9338
x-amzn-requestid: 4ca2eb3c-eba4-43a4-b79a-89546da3d660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQBfG7soAMF9cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa09-1b5bd53052718f620b920a00;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6pHftE0vUMqrH2NR_7DzrWlnD0yal7BkAfee7UeVG7DKZNEAYRa9HQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:03:23 GMT
age: 24853
etag: "f350f295dd70152712162d4be5b3b5f0d12cde57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2449&ck=1&ref=https://fdsygtnght.com/dofadd/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2449&ck=1&ref=https://fdsygtnght.com/dofadd/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2449&ck=1&ref=https://fdsygtnght.com/dofadd/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 797
Origin: https://fdsygtnght.com
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:57:36 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 755bd12fadc70af6-OSL
Access-Control-Allow-Origin: https://fdsygtnght.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
fdsygtnght.com/common_tpls/js/form_support.js?v=1516308712
207.120.33.38200 OK 0 B URL HTTP/2 fdsygtnght.com/common_tpls/js/form_support.js?v=1516308712
IP 207.120.33.38:0
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 03 Oct 2022 16:43:12 GMT
etag: W/"633b1120-6a5"
section-io-cache-id: 79d0f4062119a42aa9749bdbdc3be052
x-varnish: 8451501 8438566
age: 14332
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 402b5aa52ea919988bcc46b3d9962968
X-Firefox-Spdy: h2
use.fontawesome.com/6efad30d05.js
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/6efad30d05.js
IP 172.64.133.15:0
GET /6efad30d05.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/javascript
x-amz-id-2: SLwmeutq/VZmRbSP4CFQOcqKZNX/oRUh7jGA+5atg89VEvXBSkQZyB6DOUL414ektz3likGr1GU=
x-amz-request-id: X391DB9SK2HNPY3S
last-modified: Wed, 30 Jun 2021 20:33:54 GMT
etag: W/"762ab21c0ef83a0bd65ab5c90a66ea25"
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcRAkJUgVslMtkK6sFxS%2F6dOa0g60q2RJJHPBfRsGd9Z7HUZdR0jCJpYYphuwW57nB7ZZQ424svFEeRu8j%2BYFwE4iyeoLAYcEvPgxOk07WMbYqU4EkZBKIjXCDlNB4BbmvrGvlpR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755bd127dc7d8861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
207.120.33.38200 OK 0 B URL HTTP/2 fdsygtnght.com/dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366
IP 207.120.33.38:0
GET /dofadd/?sitekey=616a2eda5fbffd7a&SID=3586ffccf4a84ef17b467bc10e65d16c&product_id=274366 HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:57:34 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 8451496
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 45a2b0f839f4ad2d59291f62fa2f25ce
X-Firefox-Spdy: h2
fdsygtnght.com/common_tpls/compactTokens/css/ajax-loader.gif
207.120.33.38404 Not Found 0 B URL HTTP/2 fdsygtnght.com/common_tpls/compactTokens/css/ajax-loader.gif
IP 207.120.33.38:0
GET /common_tpls/compactTokens/css/ajax-loader.gif HTTP/1.1
Host: fdsygtnght.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fdsygtnght.com/common_tpls/compactTokens/css/c4upgradeD.css
Cookie: PHPSESSID=3586ffccf4a84ef17b467bc10e65d16c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 06 Oct 2022 04:57:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=0c34f6e820b297dbedacdb99731d8552; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: ALLOW-FROM https://findingeasygoingsinglestonight.com
content-security-policy: frame-ancestors https://findingeasygoingsinglestonight.com
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 9252796
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 951747af32d4a9b96d52f20cf1050fbe
X-Firefox-Spdy: h2