firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hwy1WV-pvdUUXo8ref1Q2QDt33uCjMxr3Nv5HbIWpnGqnyEHRHDqDQ==
Age: 232910
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17270
Expires: Sat, 08 Oct 2022 13:16:58 GMT
Date: Sat, 08 Oct 2022 08:29:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5194
Expires: Sat, 08 Oct 2022 09:55:42 GMT
Date: Sat, 08 Oct 2022 08:29:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xEZ3s3RGtQrRq86ZHym2eyRd+h2A9etpO0ZKfc1dT6FqshgWiFI8cwGyTUPCai3AW3oB/qxrFdU=
x-amz-request-id: 9GK4D0VEV5R2J1EH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 07:31:32 GMT
age: 3456
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 08:29:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
66.84.30.17200 OK 17 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1920), with CRLF line terminators
Hash 93725c706eda8c42b41bcca4d3e64969
72011789b5cc39176eebb2fe5eeeefc1fbcf362b
5668f66541c53b709dc5b04fc475dab7bb8251b3ebf7a2274a2eaa0db53992ef
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113 HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:08 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 16803
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking-aws.js
66.84.30.17200 OK 2.5 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking-aws.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (2546), with no line terminators
Hash 576b123770b3c1ada8d4260344726960
c8716f7d0fe73d9edf5ec333e9fc5500f7543fe9
11da464f86f5ff9850e1ef53dd13336cfbfd38a8f3808d7826d0c1a2d925563f
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking-aws.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 2546
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/vm-login-form-ad.js
66.84.30.17200 OK 8.8 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/vm-login-form-ad.js
IP 66.84.30.17:0
Hash 0318627f2adf5aafb9520d94f30749a4
643454397eddf53c58e6766f58a519b0b444592c
1bdca04f41b797a00f1ac403070d6ea18a459754c41d383ffddf5b0991f04d9d
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/vm-login-form-ad.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 8775
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/data.json
66.84.30.17200 OK 169 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/data.json
IP 66.84.30.17:0
File type ASCII text, with no line terminators
Hash d64e6c5a8ce0f0383b88a1be77b053ee
a316ca3df9822a7e638623d92e5aeacb3f4e3a2e
c3d83128029acb4b1c9ae295ea823c9adb93e1cfa1e81d200e30adba82b3d4d3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/data.json HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/json
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 08 Oct 2022 07:29:41 GMT
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 08:22:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xhTP7JNSEG59Ja3LR8VrkVWagvJmtwOdT7jO0bzvviwVWr8QRD1K4Q==
Age: 3568
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/1011719316x32.js
66.84.30.17200 OK 1.7 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/1011719316x32.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (433)
Hash fa05120ba52f7ee87e3521b726d66fd0
d7ba5ed4796a436e942afac492ec02c4d9796e17
55b2a74a7498140a0e3d2e62e00a967fffac9a908c326d2294a1b37c0fb8b2f3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/1011719316x32.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 1723
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/fonts-remote.css
66.84.30.17200 OK 3.2 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/fonts-remote.css
IP 66.84.30.17:0
File type ASCII text, with very long lines (3243), with no line terminators
Hash 709e5291d3bbec4524a53edf4c343352
de3799da5fc172ae2a76c5b4716b1f621ae3c2c6
25910ca8aaacdd039f7e596b4f446ac4c71f67ff3911d5969dfba9b7f1a6688f
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/fonts-remote.css HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 3243
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/rta.js
66.84.30.17404 Not Found 315 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/rta.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/rta.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 404 Not Found
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/ttj
66.84.30.17200 OK 7.4 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/ttj
IP 66.84.30.17:0
File type HTML document, ASCII text, with very long lines (7387), with no line terminators
Hash 89cf9988d16c15d5919e2efdeb341003
6554b529e37e27af64a11b0d3507073ca05fb822
0f108c7122c218a486594e6ddd029c00844979992aa9d7b00ea9d3816a3e5be5
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/ttj HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 7387
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/lodash-slim.js
66.84.30.17200 OK 23 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/lodash-slim.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (1486)
Hash 542a4d4d47e89ca290d850a6a0ae09b4
56445e16057d5b725ae11f5e85db661120515299
49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/lodash-slim.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 23346
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6001
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:09 GMT
Last-Modified: Sat, 08 Oct 2022 06:49:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/scripts-responsive.js
66.84.30.17200 OK 7.3 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/scripts-responsive.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (7303), with no line terminators
Hash e98c1a1adf5539adda926dc57b56df92
3024e9e83dc44d9d9e6e7b1437110d68ca80e54f
aceb470e2f0767fe13270d4f84dc14e347889dd34762dd6eb095db9581051e89
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/scripts-responsive.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 7303
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking-DTM.js
66.84.30.17200 OK 1.6 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking-DTM.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (1624), with no line terminators
Hash 1fb3947058db50b6b3d0487328e3f86e
471f8733093ede4b0e075751bb89e0678d06a4f1
0df906e16d1ed57a686d542ac0e7a620eafb715c12ee0a0c648653b569e72a9b
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking-DTM.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 1624
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/styles-light.css
66.84.30.17200 OK 45 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/styles-light.css
IP 66.84.30.17:0
File type ASCII text, with very long lines (45103), with no line terminators
Hash 0a0b49b52b3291d6b49b7713c4a4118d
8e720bff1874620ef556512d3c690c69da3c3255
e9838dd96e607f7db82a919db47ac8ead355133b2a0ac312517d76b1a9b47266
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/styles-light.css HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 45103
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking.js
66.84.30.17200 OK 15 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (14942)
Hash d8c65cf89a55791f45cf6eba34c0a6e9
05bf019faf116dfd1a9811a806e5bd0639d83c45
d1e2dfc4882d3951f8b5ce26f342fdbd83dcfc7c5d53cc455dc3703b706fc7c2
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/tracking.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 14964
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/jquery-3.js
66.84.30.17200 OK 87 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/jquery-3.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/jquery-3.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 86927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
66.84.30.17200 OK 129 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (32748)
Size 129 kB (129056 bytes)
Hash 01221af4231ddeec15ca85739ffc766c
f61a3d6cf1fc6262b0c1e9b8bad2c9d56dca1702
eab642baf412d4de18d20788e3784c47927549da84c4f0b5a0f6865fdbfb61a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 129056
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
35.161.231.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7BjXlxjW8O5e31jRt7vdlQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fH6aie8TDNMhbLdQh+nE4DyoQl8=
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/moatad.js
66.84.30.17200 OK 276 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/moatad.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (761)
Size 276 kB (275951 bytes)
Hash 62628dc07dedc3f2a479575c2de3c899
a2e5f0a77a4df50476072170a47af42b28bcba02
2a150284ec831c47369e543eaaf6b57e2cbfc5102ff7d147efd3e12f26d53eaa
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/moatad.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 275951
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/6d6e5a4b50313176614c77414143627a.gif
66.84.30.17200 OK 43 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/6d6e5a4b50313176614c77414143627a.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/6d6e5a4b50313176614c77414143627a.gif HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/event.gif
66.84.30.17200 OK 42 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/event.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/event.gif HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/u.gif
66.84.30.17200 OK 42 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/u.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/u.gif HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 21:31:12 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/rta.js
66.84.30.17404 Not Found 315 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/rta.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index_files/rta.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8552c358a14004a8177b1f6d04698aa4/index.htm?cmd=login_submit&entity=1073444&id=19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665&session=19f20cf74d5612aa1fb67d7eba113
Cookie: AMCV_DA11332E5321D0550A490D45%40AdobeOrg=1406116232%7CMCIDTS%7C19274%7CvVersion%7C2.5.0
HTTP/1.1 404 Not Found
Date: Sat, 08 Oct 2022 08:29:09 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fast.comcast.demdex.net/dest5.html?d_nsid=0
23.36.76.177200 OK 2.8 kB URL HTTP/1.1 fast.comcast.demdex.net/dest5.html?d_nsid=0
IP 23.36.76.177:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash b8a1b21bd0651935d53a7bff0c2479d6
31527c952669b6d1d06c537eb50c9043f576e607
80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: fast.comcast.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=21600
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Length: 2785
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 26768, version 0.0\012- data
Hash e3e79cd377b28c1e7ffea64b194136cf
e67fb661f5d630ecc811e93d526065a680bf58d7
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 26768
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "e3e79cd377b28c1e7ffea64b194136cf"
x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XTk1ZXdpqisLN4abManV2eERXXfdVDr6nw7IuuvYX00Zl-QVHJqL0A==
cache-control: max-age=2318883
date: Sat, 08 Oct 2022 08:29:10 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=71118261443747819202307882870395156104&ts=1665217750023
13.36.218.177200 OK 2 B URL HTTP/1.1 comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=71118261443747819202307882870395156104&ts=1665217750023
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=71118261443747819202307882870395156104&ts=1665217750023 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
access-control-allow-origin: http://swancommunications.com
access-control-allow-credentials: true
date: Sat, 08 Oct 2022 08:29:10 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
z.moatads.com/comcastapn56341864860/moatad.js
23.38.201.146200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=20565
date: Sat, 08 Oct 2022 08:29:10 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
37.252.173.38307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: 9ea1e298-0290-4fc1-b41b-191393f1b659
Set-Cookie: uuid2=4035114898330419944; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 06-Jan-2023 08:29:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
37.252.173.38200 OK 2.9 kB URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP 37.252.173.38:0
File type HTML document, ASCII text, with very long lines (7400), with no line terminators
Hash 7872af8c8fa913dfe6ae7d2b4493e41b
bc7e06c042725045456bc6d653217006677022c0
b25cc6a79581cc11dcf190ea1af4c121aee025a7f94204c4eabc4d2b38c7378a
GET /bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 202fda37-9407-4ce8-83e1-ea35403a6f8b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
ib.adnxs.com/ttj?ttjb=1&bdc=1665217750&bdh=jujaEm0cYgmfbAMgguOBfzF2J50.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
37.252.173.38307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1665217750&bdh=jujaEm0cYgmfbAMgguOBfzF2J50.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1665217750&bdh=jujaEm0cYgmfbAMgguOBfzF2J50.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: 0877bba5-fc7e-40f6-8d58-62f0fc245095
Set-Cookie: uuid2=4382550241493051904; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 06-Jan-2023 08:29:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
37.252.173.38200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f0e2af14-d355-48cd-9812-14f8f5267c65
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
37.252.173.38307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: af8de888-6d1a-4b48-aeb9-c07d157c5a20
Set-Cookie: uuid2=1888389333185794472; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 06-Jan-2023 08:29:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
37.252.173.38200 OK 3.1 kB URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP 37.252.173.38:0
File type HTML document, ASCII text, with very long lines (7748), with no line terminators
Hash 6709262ef2a7bb8cddb5ee212d697a8f
da3dc2c5dde12cd45da16b3cf84c3707fb1cfeeb
7c2c7f65dd5ad6ba9df2759987bebed5b8f53eb692587d6efa850f1fa7cc89cf
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: a033c7f3-5a07-4fbf-9ca2-0f6c3114cf61
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
ib.adnxs.com/ttj?ttjb=1&bdc=1665217750&bdh=jujaEm0cYgmfbAMgguOBfzF2J50.&bdl=1567582558&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
37.252.173.38307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1665217750&bdh=jujaEm0cYgmfbAMgguOBfzF2J50.&bdl=1567582558&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1665217750&bdh=jujaEm0cYgmfbAMgguOBfzF2J50.&bdl=1567582558&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: 73b3d69a-cc0a-4d17-8526-14b1c60dd92c
Set-Cookie: uuid2=7799325468437301369; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 06-Jan-2023 08:29:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
37.252.173.38200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1665217750%26bdh%3DjujaEm0cYgmfbAMgguOBfzF2J50.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8552c358a14004a8177b1f6d04698aa4%252Findex.htm%253Fcmd%253Dlogin_submit%2526entity%253D1073444%2526id%253D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%2526session%253D19f20cf74d5612aa1fb67d7eba113%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 08 Oct 2022 08:29:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 66a199e6-4b31-427d-b976-0e3a0e058afc
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 27420, version 0.0\012- data
Hash f05d3ebe80809d82ab14d62a79da544e
bf08410286fbadd57335dc63dbdd8169cd4e6d1e
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 27420
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "f05d3ebe80809d82ab14d62a79da544e"
x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _vpkqBlLETw4T6oH2cSnkktI4BxeLxas20IZvW788el8Nomx3bJ5ug==
cache-control: max-age=1920286
date: Sat, 08 Oct 2022 08:29:10 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 27152, version 0.0\012- data
Hash 13709eac065721ba8cd0e2d1b6fa8026
2fa86f3c0fbc94711d6c0ed32e3e03add756ba18
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 27152
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "13709eac065721ba8cd0e2d1b6fa8026"
x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IzOfbbv8gz8w_604kyRw0cTtS-ry2VNjzzr5bNN0H7WL2BOGYFlCng==
cache-control: max-age=452865
date: Sat, 08 Oct 2022 08:29:10 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
23.38.200.237200 OK 34 kB URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (557)
Hash 953eadbd32b8680b37511cc683781aff
8ea7a5fb3bd5f727f3ec3366bc1d91b3a104043b
14dd417150683ce056827225bbf94a0f26e95a820b604f815021be49eb8c707b
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7c44e613d67e21f6a1c3afd5985988da:1581368005.559228"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 34525
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 09:29:10 GMT
Date: Sat, 08 Oct 2022 08:29:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js
23.38.200.237200 OK 134 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js
IP 23.38.200.237:0
Hash 26720501c4260c7cc5833d9e06f0af87
26ce9fe2fa65dcd91b1ff050a238892a70eaad6c
e23487c8456f551b44229fd881dd8c524922e7c4c68682028c245bf706820e62
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "16dfb4bd56a82d8f8018ab2fa164856c:1581368006.307249"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 134
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 09:29:10 GMT
Date: Sat, 08 Oct 2022 08:29:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=50557534951&varName=crtg_content
178.250.0.166204 No Content 0 B URL HTTP/1.1 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=50557534951&varName=crtg_content
IP 178.250.0.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=50557534951&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Sat, 08 Oct 2022 08:29:10 GMT
strict-transport-security: max-age=31536000; preload;
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js
23.38.200.237200 OK 187 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js
IP 23.38.200.237:0
Hash 100e6bd0333d51a01c9e2bf4130cd5c9
b03e6b94b4c163de582e217f6e148f3b12df8f1f
481a6bc427ce8b7601db07e2387f5265db27e59a9a54abcb88f0e2497387912a
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b5834499509b419a0926487143b3976d:1581368006.388159"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 187
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 09:29:11 GMT
Date: Sat, 08 Oct 2022 08:29:11 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d78f83894b36146c85aedacc419df61b
14e6706bc1c7ecd408fad812c4d42e16048c0b0f
3e1a1e3a697a4aab502d571e9e54b9ba9d025b677094d6e0a1e44346a22c007f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4494
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Last-Modified: Sat, 08 Oct 2022 07:14:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d78f83894b36146c85aedacc419df61b
14e6706bc1c7ecd408fad812c4d42e16048c0b0f
3e1a1e3a697a4aab502d571e9e54b9ba9d025b677094d6e0a1e44346a22c007f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4494
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Last-Modified: Sat, 08 Oct 2022 07:14:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d78f83894b36146c85aedacc419df61b
14e6706bc1c7ecd408fad812c4d42e16048c0b0f
3e1a1e3a697a4aab502d571e9e54b9ba9d025b677094d6e0a1e44346a22c007f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5059
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Last-Modified: Sat, 08 Oct 2022 07:04:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js
23.38.200.237200 OK 15 kB URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (563)
Hash 4da5a7f7e67cf8d72d1238efbd4dac31
e8bf676f06b42529aa475c3d292acfa0f5b4a6b7
2c68577dc9e4226daf46cbcf1650a0e91a1841c67ecf5e4ecea749cbea7ed973
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "dbef438e3fcd49bdc0ee4d74b97df080:1581368005.888342"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14684
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 09:29:11 GMT
Date: Sat, 08 Oct 2022 08:29:11 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2985
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 08:29:11 GMT
Connection: keep-alive
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js
23.38.200.237200 OK 681 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js
IP 23.38.200.237:0
Hash 238e9ac366afc5ccb8ab193af21a3bdd
ccbe4cf829625b32aa2ecb714bc68c05c53de703
2f27f96e790c01c88b87af6a72d3d635b9bfc630d13bd43bd46a8be4ac5fac9f
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "1cf26e862d696e4a210b77e9f506e652:1581368006.039768"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 681
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 09:29:11 GMT
Date: Sat, 08 Oct 2022 08:29:11 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2985
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 08:29:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2985
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 08:29:11 GMT
Connection: keep-alive
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 9.3 kB URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
Hash eebe8c5cf1dd2448a131ff78b8f3183a
44f1781f8c749dcc22706b4985b2a438b1be96bc
61354eb5649ea887af9f9e92531cad2bdb6212be57d620475161526925e35598
GET /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:10 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 598198
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2985
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 08:29:11 GMT
Connection: keep-alive
dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1665217751051
54.77.35.16200 OK 215 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1665217751051
IP 54.77.35.16:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bd26b5f0d46b2221c1cfa09e4cff5345
d77b37e207b7ee1305c65b0cbb5ebcdb21473c87
905b4f65ec0b0b345e72097846e2aa943fa7c1458b2b82684aac36e0abd00010
GET /id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1665217751051 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-05525f3f4.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=68701899645843718361332029261162682584; Max-Age=15552000; Expires=Thu, 06 Apr 2023 08:29:11 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: w2d6uiknQ6g=
Content-Length: 215
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70128380-51a1-430f-bca1-5212a3dd8807.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70128380-51a1-430f-bca1-5212a3dd8807.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c712a8d12119cdef4376b6055f3493c
e040dc81a71c6a94dc600ecb61bf0c8f1a086e85
6a2c6384e05dae0013a2890ad63c91af7d2f04a0d706ce496f44defc7b209fa7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70128380-51a1-430f-bca1-5212a3dd8807.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11618
x-amzn-requestid: 5a8e397a-41df-41a1-a71e-25cedc35b063
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R5H9aoAMFyew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-3286ff464612a56158b81f4e;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dpzW4--jwWxQ7cD4rKIZuX4pr9LQI0CivP6grcpduuNMPoKyQwSecg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "e040dc81a71c6a94dc600ecb61bf0c8f1a086e85"
content-type: image/jpeg
age: 39115
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5c4757ceb6dce32d0f9d26d5b3df038
d8209d82f61c7a09e00756e5dd32c99bc61af4a8
6aa007279ba4cdea3f772e0601e4082d40ee947ef8cc1201ce0009fb42ca9885
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3c3ff89f-8a8c-44ae-981a-0e9adaf7d959
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dSEs8IAMFqFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-6c97b82d137c2f1951270b82;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6wWlD3C6HI9oxa0VAYA6N5afAcUDTQXdO8X31eZUglfdC6jSQo_gew==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 03:29:14 GMT
age: 17997
etag: "d8209d82f61c7a09e00756e5dd32c99bc61af4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Y_VpleudG3M2sQd7mFGVhPvfULiNQl3YY8xuhiTnTE5VIC64O8vqMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:44:19 GMT
age: 38692
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcf23b32642f7a82a0a7d734a631bca
9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7
add9aab4427819610f8d693758a752910cf314346e974b7636a82381ab9daa4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4252
x-amzn-requestid: 8d6a225c-6389-4f20-9b90-494841f47c99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R4GjCIAMFX-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-4076dc933185d9fd6b68e802;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Wb1JAlWtR9sSEi_KuYZivvMivSxZjo92LGpWgFppol5zgapK6eQ-dg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7"
content-type: image/jpeg
age: 39115
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc50d1380ae8fc980ae1cc38f2371c7
be79aecfd7eefa89c409ed743402a292ff0ce6c0
43e015802ba453d4cd79984b53efa8a529ece62760f6693f9daeb2388179201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6366
x-amzn-requestid: ddcd915d-2606-4243-969e-19fb02b5b6d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1EJGoSIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb3-1c7bd17a2dcdd25e4da6d346;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Cm4uaStVKEsemoOHrc04J9qNysQJoMB7-R8LEzmlRXt47mpXi2NRPA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:50:12 GMT
age: 38339
etag: "be79aecfd7eefa89c409ed743402a292ff0ce6c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa96a8500-2a22-4035-9ef1-326d1694aabe.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa96a8500-2a22-4035-9ef1-326d1694aabe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15ba06e4cfdbb4480ad9d3d07a70f7d1
54050ea4062695b87d04d69f455b957bc93c9be6
9ee148a18daffcd7e3892ee7818886b7ee8763272c97b627d368d1dc995836bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa96a8500-2a22-4035-9ef1-326d1694aabe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8628
x-amzn-requestid: 858952a7-50aa-4942-a58a-6b1a8ead66cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp2BeG45oAMF0yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409d3c-6e26167b1944a0e518b0686e;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:42:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: olEe_ETm0OBokLbkhr2a5invlm5stvDH86HZKIIDNuytlH7bgr_SpQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 22:11:34 GMT
age: 37057
etag: "54050ea4062695b87d04d69f455b957bc93c9be6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.xfinity.com/static/images/favicon/favicon-16x16.png
23.36.79.11200 OK 184 B URL HTTP/2 login.xfinity.com/static/images/favicon/favicon-16x16.png
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type PNG image data, 16 x 16, 8-bit grayscale, non-interlaced\012- data
Hash db142cad60d6acbf015835843f35071f
56261a4d35ff1ad9c210376f025f8762e608494f
1a819ccf88edbedbdce80f8f48844260c685edf389ba39ba92e42c7291522801
GET /static/images/favicon/favicon-16x16.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 184
content-type: image/png
cache-control: max-age=616
expires: Sat, 08 Oct 2022 08:39:27 GMT
date: Sat, 08 Oct 2022 08:29:11 GMT
X-Firefox-Spdy: h2
login.xfinity.com/static/images/favicon/android-icon-192x192.png
23.36.79.11200 OK 2.6 kB URL HTTP/2 login.xfinity.com/static/images/favicon/android-icon-192x192.png
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type PNG image data, 192 x 192, 8-bit grayscale, non-interlaced\012- data
Hash 4d5a72cfafe8a0e67a3a4e3684ae379f
2140780ff72470e5a9d63fdf950d7b816ce804be
b8bbda2990b5611317f747bf13de3a78e1de77fd7d864a27d845194988490375
GET /static/images/favicon/android-icon-192x192.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 2569
content-type: image/png
cache-control: max-age=968
expires: Sat, 08 Oct 2022 08:45:19 GMT
date: Sat, 08 Oct 2022 08:29:11 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 51c390159903c17ac5df6938dc229d27
293a187c95b08c020814f170f446c13f1e889f45
230550cbcbf9628a6dba7f865301104995c35e2faa85854890c17f3f2b2f3283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 77
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Last-Modified: Sat, 08 Oct 2022 08:27:54 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
comcastathena.demdex.net/event?_ts=1665217751110
34.249.157.182200 OK 118 B URL HTTP/1.1 comcastathena.demdex.net/event?_ts=1665217751110
IP 34.249.157.182:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 877d1a83fa869ec13d488e130b32e6ef
34792f60038a321e16d03eacc302191f2ed45955
6874b4631b27d325d1b53cad97d5d9b4702ff60a2ce37f0a4ee24bbbee31e65f
POST /event?_ts=1665217751110 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 637
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-08580ef78.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=68701899645843718361332029261162682584; Max-Age=15552000; Expires=Thu, 06 Apr 2023 08:29:11 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: muDgZDQySL8=
Content-Length: 118
Connection: keep-alive
comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s62661566037556?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=8%2F9%2F2022%208%3A29%3A11%206%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=71118261443747819202307882870395156104&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&cc=USD&ch=login&events=event125%3D25%2Cevent36%3D27&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=27&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
13.36.218.177200 OK 3.9 kB URL HTTP/1.1 comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s62661566037556?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=8%2F9%2F2022%208%3A29%3A11%206%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=71118261443747819202307882870395156104&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&cc=USD&ch=login&events=event125%3D25%2Cevent36%3D27&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=27&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type ASCII text, with very long lines (3886)
Hash f438bd90db63c8f5670790b1a7dbe59d
0abdd2215428e57c8402824fe3ec5073ab2f8e3e
4b94200f7d0476f3f23c5a28e620e04c89c69ee62e45985be8c95ab7e2216c27
GET /b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s62661566037556?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=8%2F9%2F2022%208%3A29%3A11%206%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=71118261443747819202307882870395156104&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8552c358a14004a8177b1f6d04698aa4%2Findex.htm%3Fcmd%3Dlogin_submit%26entity%3D1073444%26id%3D19f20cf74d5612aa1fb67d7eba11366519f20cf74d5612aa1fb67d7eba113665%26session%3D19f20cf74d5612aa1fb67d7eba113&cc=USD&ch=login&events=event125%3D25%2Cevent36%3D27&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=27&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Sat, 08 Oct 2022 08:29:11 GMT
expires: Fri, 07 Oct 2022 08:29:11 GMT
last-modified: Sun, 09 Oct 2022 08:29:11 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3576027892463861760-4619593676658533062
vary: *
dcs: dcs-prod-irl1-1-v044-057fd01b2.edge-irl1.demdex.com 8 ms
x-aam-tid: PdtRapE4RTc=
content-type: application/x-javascript;charset=utf-8
content-length: 3887
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
comcastathena.demdex.net/dest5.html?d_nsid=1
34.249.157.182200 OK 2.8 kB URL HTTP/1.1 comcastathena.demdex.net/dest5.html?d_nsid=1
IP 34.249.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=1 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 8 Oct 2022 08:29:11 GMT
DCS: dcs-prod-irl1-2-v044-02f73253e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:47:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: olfKr1Q8TSo=
Content-Length: 2791
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dl.cws.xfinity.com/event/
184.86.58.27200 OK 0 B URL HTTP/2 dl.cws.xfinity.com/event/
IP 184.86.58.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Referer: http://swancommunications.com/
Origin: http://swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 0
x-amzn-requestid: 4602fc66-297f-4d56-adb6-6937f56c525f
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: ZrUxtGeUiYcFdWg=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: BKpV687M0saGf0bYqQIl5qFzwBwpMvqMKYCg1XYtWyrHRa37fD1fig==
date: Sat, 08 Oct 2022 08:29:11 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
142.250.74.162302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fast.comcast.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 08:29:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 08-Oct-2022 08:44:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 1e25dac22560f32b30f1da4d0648985d
fd9de735b57ead8e77231dab2fec6b26b55f6ece
7aa8590bbf33a0271c9ac7ffeb83ee336442909cd5f4e7f66805563b802b2ad8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Last-Modified: Sat, 08 Oct 2022 07:18:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 08:29:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=swancommunications.com
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=swancommunications.com
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?origin=rtus&topUrl=swancommunications.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:10 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=c9cdf1f6-a7da-47a7-8e34-ea7d9d46d54d; expires=Thu, 02 Nov 2023 08:29:10 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 629099
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 0641fe145e61ddbc5e19157508e21e9a
ef160116452867d8d9254601ddd723884be113bb
cee72961162c076476612009bf338147e108d813bd246765f46cfe78af88d6d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3125
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Last-Modified: Sat, 08 Oct 2022 07:37:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 0641fe145e61ddbc5e19157508e21e9a
ef160116452867d8d9254601ddd723884be113bb
cee72961162c076476612009bf338147e108d813bd246765f46cfe78af88d6d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6455
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Last-Modified: Sat, 08 Oct 2022 06:41:36 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=989622425&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 08:29:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: http://swancommunications.com/
Origin: http://swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: http://swancommunications.com
server-processing-duration-in-ticks: 226465
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dl.cws.xfinity.com/event/
184.86.58.27200 OK 110 B URL HTTP/2 dl.cws.xfinity.com/event/
IP 184.86.58.27:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b8aae6b163b833080cd7c518a08c6b4
db6a0369bd00199309f66b3c822af5af3c81023c
8202f3ed3a2884fecde254bf95b3627dc5872e44acb379d917eb9d96054e5522
PUT /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3756
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 110
x-amzn-requestid: 1bb6c2b1-2cff-4aa7-a4a0-c832621ff5f6
x-amz-apigw-id: ZrUxxFfqCYcF4-Q=
x-amzn-trace-id: Root=1-634134d7-772cccc406e5422814aafe8b
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: vFlruGtNtNmvVEXcnqHEKAQ3CdJskCHzsSGPJI2B5aF_7sEGpqljHw==
date: Sat, 08 Oct 2022 08:29:11 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,PUT,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 857d615378d2a3ab00d62ebc206e41ff
148bdf601ab1f7acc0f305cf0274618d80819b72
023ee37e5c8f6506bd5cc829712d358ca2967f196bcddbf6d04dc30be82c8fa8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 08:29:12 GMT
Last-Modified: Sat, 08 Oct 2022 06:57:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314
ag.gbc.criteo.com/newidsd
178.250.6.142200 OK 405 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.142:0
Hash 7849d421ae24e95e9004e194d3105ff1
dbf83eb9195563d9ef7696cb0265cd557ae0e01c
660b8aedb75e67278e926383c22245924e919ca91250679a7f6f32b3e6f71501
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 54884
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.142200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.142:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 110125
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.0200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.0:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 136760
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=dbj7VF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRkkzT3I1Z3NnTEpaOU5RR1dNelU3QjVpTFdMVGJOV0hLVnZMJTJCVHBPVXBC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=rd_3_V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRkkzT3I1Z3NnTEpaOU5RR1dNelU3Q1A1T00wVEFtY0VFNVZ0ams5SHlxTg; expires=Thu, 02 Nov 2023 08:29:11 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 305102
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.0200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.0:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 75081
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=ZLrmx180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRkkzT3I1Z3NnTEpaOU5RR1dNelU3QUZGSnJkclVVcHNaRlhINmhNejg0dg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=dbj7VF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRkkzT3I1Z3NnTEpaOU5RR1dNelU3QjVpTFdMVGJOV0hLVnZMJTJCVHBPVXBC; expires=Thu, 02 Nov 2023 08:29:11 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 266273
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
GET /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
x-crto-bundle: r_p8VF83VzBzJTJGODFDeWszM3lKWEM5bjlVUjZTRGJ2ZnZydUpHT0g4M3R1JTJGclA0NjVOR015VGJlclZwVFNBYzZCbGo1cFlaNjkxS3dBT2tPaUpEbWpDb3NOaWRjbEVxUGhBVEFRb0NuVW9zMlFzQ2VnZzNCUnhyazczVnljYU5HT2FUZ0VHUXpadGxreXpKVDhicW1EdlNMS0NRJTNEJTNE
Origin: http://swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: http://swancommunications.com
server-processing-duration-in-ticks: 1753354
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=dbj7VF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRkkzT3I1Z3NnTEpaOU5RR1dNelU3QjVpTFdMVGJOV0hLVnZMJTJCVHBPVXBC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 08:29:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=FJabt180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRkkzT3I1Z3NnTEpaOU5RR1dNelU3RGRsSFltbzdrNHBLSUtuWUkyd0RDVQ; expires=Thu, 02 Nov 2023 08:29:11 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 178604
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2