| respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} |  188.114.96.1 | 301 Moved Permanently | 0 B |
URL HTTP/1.1respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 07:42:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Dec 2022 08:42:51 GMT
Location: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI6P3Hh%2FO0Hp9W59MzZKKbHrSUVqFsr%2B00P6y%2Flg8dIhnSayruGGaZLHjZp4wIjGyTeDV6ICRZlwZPEWFP14Ft0YQ8oqkW3E8q8Rdwv%2FzgJ9mtzCTLFX3eo6tTiTDBAn5D0g%2BMK0OBT7hjs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ba0825fe3b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash5ceaca9fd4ad000cb435820812fc69c8 8168397aaf7b572c89a9c83f46c0b65e4ac509f2 9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19605
Expires: Wed, 07 Dec 2022 13:09:36 GMT
Date: Wed, 07 Dec 2022 07:42:51 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf83c5e33ba42e312ee398848bbb711f5 caa1fd23b1fbbe883292ded04404c1cfd861eb09 106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3043
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:51 GMT
Etag: "638f19f6-1d7"
Last-Modified: Wed, 07 Dec 2022 06:52:10 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha0abf10fb7e96c1c98dacf2f013a68b4 acdd839bce85eadc78a8e821e32e00a958d5c0c8 b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19530
Expires: Wed, 07 Dec 2022 13:08:21 GMT
Date: Wed, 07 Dec 2022 07:42:51 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 07:18:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1446
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pxww8KuPwDCIKzdkNmVZ1Ih7CxYtqSysERTFutdARrtT+/+i37mcyrNq+MwGKBsxbzsAGDQOIpUxKaaY+OTxtA==
x-amz-request-id: 6QVEPXCQ98G8QDMW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 06:49:16 GMT
age: 3215
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:42:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash73b9dda475b836466529acce80d99675 377aa3b24202ddbbccf00f0573b3775183b302f4 a610246a651dca6684a08707a28bed34ef9cca4b6593cccf55a1e718409fd20b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:51 GMT
Server: ECS (amb/6B72)
Content-Length: 280
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 07:08:58 GMT
cache-control: public,max-age=3600
age: 2033
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash73b9dda475b836466529acce80d99675 377aa3b24202ddbbccf00f0573b3775183b302f4 a610246a651dca6684a08707a28bed34ef9cca4b6593cccf55a1e718409fd20b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:52 GMT
Last-Modified: Wed, 07 Dec 2022 07:42:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 2.2 kB |
IP93.184.220.29:0
Hash0f37c27303b793b8d32d067e62eeb643 f2db11ee3f437b435d7e937e65a4aa515e3e280b 40dea938c01f8b759522dc6fbe9553ef67b50fb340a59ff0657ed37fa84ec9e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:52 GMT
Last-Modified: Wed, 07 Dec 2022 06:52:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb22490b02628e79842aa551994331a2e 238870b8a3e6ef3b6a761154e3abee386643597c ef2e0268a5ed0ca7d64dfc1baa3d56d55f4062e4d84972bc9423fe56df585673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4899
Expires: Wed, 07 Dec 2022 09:04:31 GMT
Date: Wed, 07 Dec 2022 07:42:52 GMT
Connection: keep-alive
|
|
| my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 | 139.45.195.8 | 200 OK | 697 B |
URL HTTP/2my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 IP139.45.195.8:0
Hash7e1da03b7d5254f7b1d93874c8f85ce4 c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7 ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:42:52 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq | 95.101.10.113 | 200 OK | 2.6 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq IP95.101.10.113:0 ASN#20940 Akamai International B.V.
Hash12204132c34805cc0059efc359ce72f8 1cfd9d6c8ee58d2485b78d8cfe159e1650802e45 191b324f98fdd626db46052f8ce7ee139762f1aee28c1af53b5c7676e86ee30c
GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221207074252C2CDA45AB7742326CD3B
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bf98a4d5aea4e3f6f42dcf3880b9005232e321fdc076c8b39c976855a693cf00f3af79d292cb9a8f5dd444b17270c10247026c13747d867ee7b0343688a437092
content-encoding: gzip
content-length: 1316
x-origin-response-time: 17,23.48.215.31
x-akamai-request-id: 933fcfb.6e1ba2ad
expires: Wed, 07 Dec 2022 07:42:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 07:42:52 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IZpU6Z3mJ9CMntXBPrOVS7TIEQ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-48-215-31.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=17, inner; dur=3
x-parent-response-time: 113,95.101.10.109
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js | 95.101.10.113 | 200 OK | 67 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js IP95.101.10.113:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (21716) Hasha2ced8005c34dd0d76dda9f21d01afa5 d83e5c8cba4d9efdd3fb83c01cd8599ddf21b801 74b397f8b46b9f6747a4e2f3e817c883f466d33058c172759d2917635571c2e1
GET /i18n/pixel/static/main.MTk2NTc4NGU0MA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Cookie: _ttp=2IZpU6Z3mJ9CMntXBPrOVS7TIEQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221206132732D0ECA0A6AEF9623F8A54
x-tt-trace-host: 014eb13aa4362f9dd2f6acd202ee4586f6cc2be1abb956fa86aa4dc7822d91eb681878c834a0bf3905d20952f57059d5498ad6745f86edb4261ab730e3788891ad407d101788fa5b87526d8c1d0913d567
content-encoding: gzip
content-length: 66584
date: Wed, 07 Dec 2022 07:42:52 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 6e1ba34f
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/i18n/pixel/static/identify_7373d.js | 95.101.10.113 | 200 OK | 31 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/static/identify_7373d.js IP95.101.10.113:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (65536), with no line terminators Hashf903a41e043452e3ec96297bb8fe30de 21a750289fa7266253ab7b3b1a18b55bd0e0b857 eebc96ed4144fe30c60fdbdaefe2ed2e4f09db990c29cebec4412bb804283eec
GET /i18n/pixel/static/identify_7373d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Cookie: _ttp=2IZpU6Z3mJ9CMntXBPrOVS7TIEQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221206132733A80B192CBC121C37E2D2
x-tt-trace-host: 014eb13aa4362f9dd2f6acd202ee4586f6cc2be1abb956fa86aa4dc7822d91eb6848eeec7666bf4bef48999ff53f693e32b35e570af7dbe6b8b28dc46e6340109e0f677d0ab0ff303ca92131a82741ece8
content-encoding: gzip
content-length: 30608
date: Wed, 07 Dec 2022 07:42:52 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 6e1ba3bc
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashaf5c85bb29b5491730736549e899fae0 0e09c2be85edec5d1212d7b972b10495377cccb8 4a3edb4813548859cfbedd6f2bb070795ed6618a69af768c5ce575287f2479e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A3EDB4813548859CFBEDD6F2BB070795ED6618A69AF768C5CE575287F2479E0"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2548
Expires: Wed, 07 Dec 2022 08:25:20 GMT
Date: Wed, 07 Dec 2022 07:42:52 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 44.236.232.139 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.236.232.139:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I5i1Ni9LozBwHTq+e4oRRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QgH6JNcUnUsC9/2syet8PfN551s=
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb6571029630a3e4ac3f5692222cfc526 05b6b46428accd77476add95f3a6d130fee1e594 8569a0ceca30b0c94fd81c46cf461cdd438fd03f469b162e565f2bdd3cc444a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8569A0CECA30B0C94FD81C46CF461CDD438FD03F469B162E565F2BDD3CC444A8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6502
Expires: Wed, 07 Dec 2022 09:31:14 GMT
Date: Wed, 07 Dec 2022 07:42:52 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash32d732e9c53c3a07c5c7d49b6a934887 d5fca9123b20f2b339ad82102e34312b7e351df6 e60522d2e6c9294ace4bfada709342ea11d1affe396f68193cabdc73296ddb64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134138
Date: Wed, 07 Dec 2022 07:42:52 GMT
Etag: "638f9e2c-1d7"
Expires: Thu, 08 Dec 2022 20:58:30 GMT
Last-Modified: Tue, 06 Dec 2022 19:55:24 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8WYC4_3g-f-tH-d5LCfNV3iZJ8_DJKgNYQ_OpkVhBWsDPpGDnPN57w==
Age: 3786
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash32d732e9c53c3a07c5c7d49b6a934887 d5fca9123b20f2b339ad82102e34312b7e351df6 e60522d2e6c9294ace4bfada709342ea11d1affe396f68193cabdc73296ddb64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135242
Date: Wed, 07 Dec 2022 07:42:52 GMT
Etag: "638f9e2c-1d7"
Expires: Thu, 08 Dec 2022 21:16:54 GMT
Last-Modified: Tue, 06 Dec 2022 19:55:24 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2yfr2ndJ8jAcE57eAvseAfsm5rhEWPK9nk-8ho_DMDhcTbjChLxayA==
Age: 4890
|
|
| analytics.tiktok.com/api/v2/pixel | 95.101.10.113 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP95.101.10.113:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 918
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Cookie: _ttp=2IZpU6Z3mJ9CMntXBPrOVS7TIEQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221207074252151DD6975DF61F27B29F
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b9a3df6c06e97d58c1cbc3e965ed0be6f63b28bdb17ea44d4311c6a7a638ceb6940d16c2eafaeeac79d8874e17aba2a0e9003a073014d82159f7be0983864607c
x-origin-response-time: 24,23.220.107.210
x-akamai-request-id: 3f3fd8b.6e1ba3dc
expires: Wed, 07 Dec 2022 07:42:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 07:42:52 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-220-107-210.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=24, inner; dur=18
x-parent-response-time: 116,95.101.10.109
X-Firefox-Spdy: h2
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 | 54.243.129.215 | 200 OK | 769 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 IP54.243.129.215:0
Hashc4610870e9f1199c07f7fc466f73eb46 631354079c766cbb6c495eaa7aaaa0244e7a451e bff894ece662ddf4bb86f64de4305b959534d31368d434fecbf1c5cd7e4cdb8f
OPTIONS /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://respectphonesecurity.xyz/
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:42:52 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
|
|
| overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid} | 204.48.29.15 | 200 OK | 327 B |
URL HTTP/1.1overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid} IP204.48.29.15:0 ASN#14061 DIGITALOCEAN-ASN
Hash8a657a1d7f476eb51b6c3f7f90d0b1a9 e5d8760fc5d0d36b54814dea65558b049def4606 19c8ff0d1e0aa3bfc87558b1900c547c4666f9a763a33c15c18a2cc4bdaf92f5
GET /api/v3.0/clickapi/img?aid=1&clickId={clickid} HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:42:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%221%22%3A%22%7Bclickid%7D%22%7D; Max-Age=31536000; Path=/; Expires=Thu, 07 Dec 2023 07:42:52 GMT; Secure; SameSite=None
|
|
| overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 | 204.48.29.15 | 200 OK | 8 B |
URL HTTP/1.1overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 IP204.48.29.15:0 ASN#14061 DIGITALOCEAN-ASN
File typeASCII text, with no line terminators Hashf30c3a40e9a3e65c868c754a5de95919 65101ff283414b70636ff494d866190a66ed9978 875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://respectphonesecurity.xyz/
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:42:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 | 54.243.129.215 | 301 Moved Permanently | 0 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 IP54.243.129.215:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:42:52 GMT
Content-Type: text/html; charset=utf-8
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur
|
|
| overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 | 204.48.29.15 | 200 OK | 126 B |
URL HTTP/1.1overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 IP204.48.29.15:0 ASN#14061 DIGITALOCEAN-ASN
File typeJSON data\012- , ASCII text, with no line terminators Hashc8f85db18fe8f89306f6c0819c67036d 7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31 a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:42:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
|
|
| my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Frespectphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 | 139.45.195.8 | 200 OK | 43 B |
URL HTTP/2my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Frespectphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Frespectphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:42:52 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=470d179b8eca4aa0b55bebea2fb12353; expires=Thu, 07 Dec 2023 07:42:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 | 54.243.129.215 | 200 OK | 0 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 IP54.243.129.215:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:42:52 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2f9716b803d16b90cd33f887786c933d a356629ae038f10b551efe4f01d05a9ac06ee9e7 ab0637e276ffca0d0246a3123594115216d59ccb7c8233ab88a9c49a9baca238
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB0637E276FFCA0D0246A3123594115216D59CCB7C8233AB88A9C49A9BACA238"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14577
Expires: Wed, 07 Dec 2022 11:45:50 GMT
Date: Wed, 07 Dec 2022 07:42:53 GMT
Connection: keep-alive
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 | 54.243.129.215 | 404 Not Found | 86 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 IP54.243.129.215:0
File typeJSON data\012- , Unicode text, UTF-8 text, with no line terminators Hash024c203b02c3d88f5e07d125220aa18a 4450bc452d44c05834e068f5341745b2e81ebbe3 a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
GET /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://respectphonesecurity.xyz
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:42:53 GMT
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur
|
|
| redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js | 139.45.197.251 | 200 OK | 14 kB |
URL HTTP/2redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js IP139.45.197.251:0
Hash32dddb8b5ded58ef494247625dc90261 8e76aa8103e0342b0c7452b33e885569ed5c78af 0be68626182cfc164fcdc2a83961b5330c9e5ffe5091d306dd69aa63f3bff2a4
GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:42:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Wed, 07 Dec 2022 09:05:53 GMT
Date: Wed, 07 Dec 2022 07:42:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Wed, 07 Dec 2022 09:05:53 GMT
Date: Wed, 07 Dec 2022 07:42:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Wed, 07 Dec 2022 09:05:53 GMT
Date: Wed, 07 Dec 2022 07:42:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Wed, 07 Dec 2022 09:05:53 GMT
Date: Wed, 07 Dec 2022 07:42:53 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb079607b368263e3517dd30250f5f2af a1b7863c70f1d501560a5b2fb4442f4835f94341 e7ed3ed2aca312d82fb017e06c6493fafffff9a603d1498c9c05355c08b444e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5913
x-amzn-requestid: 355ca338-7d8e-4a60-a491-0509d0ff32d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirF3DIAMF-vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5bff7b5b3984102e1ef0e737;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RlnA4SSUIbIVtGBxqBtabKw58aXWE-jGIKLZ4DnoTiGzvH5bzBOUbA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:54:15 GMT
age: 35318
etag: "a1b7863c70f1d501560a5b2fb4442f4835f94341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash550ee57c325ce8d4892400deb24141d3 acece1761a7d4d3926500726c19d528bb204ef4c 7cc68e966362916947e7d6e24d3c001c64298fec2438a97538765d801fa7c92c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10362
x-amzn-requestid: 7fdd2011-e283-467e-9f04-741946a834ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpl_1EsooAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5065-0cddad1919d984065bd0b03e;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 01:59:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WtZWFmfVSXYRQlYwpBxj8JG_WC91ik_p68HjX7-wCfYb0624CvcBSA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:58:02 GMT
age: 71600
etag: "acece1761a7d4d3926500726c19d528bb204ef4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha7ee62c5e846e8ad4808f4724f15146d 6d55b299f906908309f91eaf0a720ad65866db04 0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:10:36 GMT
age: 1937
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0d0219e6bee2a28f003f396f872eecf0 b3d22d146c6094cb539de40a72b9c5a140802ee5 41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 02299a39-6804-49ae-b415-313b6e06b2ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfj24G39oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63894cf8-5f578e3f211063bd125b645a;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 00:55:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uMTaiFjrcbJxWm4M7BuSHPu0BFUMp9UIpMvnvlLs_dajlM0_iObY2A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:52 GMT
age: 35101
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb92721cbe24623f1713a5248d6a7c1b2 3628390c62642dcc375b28f58c9b48180c4abd73 37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 3542fd4f-74e3-450b-b7fc-04034d680bf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cslIEEDtIAMFfuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e8233-40eaebed627d374d0910e456;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 23:43:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2aI7z8gOkQiNDlj2tbsoWibfupjl25ZjoO_QRbfmXQKwO-yF455yXg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:18:37 GMT
age: 1456
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfb1ea0161d261518c99909aff49e6f58 c3b915cb579b651db25442fea0bbedd0d292c0fc d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEQAH2doAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fxuPjC35VBDaymSCPY_iBxDnQY4CFHgolHSmnDhCRUjzw5UzY7ovA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 04:14:32 GMT
age: 12501
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash19b6426285c119d6741647be77f201c4 cbb18a319dcd0747879033f9b31252858a1d5437 a17633616bacd38f4f0ec3ccd4694b85f7c5887fc7613b3e50c757e7d3a17529
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A17633616BACD38F4F0EC3CCD4694B85F7C5887FC7613B3E50C757E7D3A17529"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Dec 2022 13:42:53 GMT
Date: Wed, 07 Dec 2022 07:42:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb22490b02628e79842aa551994331a2e 238870b8a3e6ef3b6a761154e3abee386643597c ef2e0268a5ed0ca7d64dfc1baa3d56d55f4062e4d84972bc9423fe56df585673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4897
Expires: Wed, 07 Dec 2022 09:04:31 GMT
Date: Wed, 07 Dec 2022 07:42:54 GMT
Connection: keep-alive
|
|
| my.rtmark.net/img.gif?f=merge&userId=b4274568db4a42fb9a56e9d6e0890c4e | 139.45.195.8 | 200 OK | 43 B |
URL HTTP/2my.rtmark.net/img.gif?f=merge&userId=b4274568db4a42fb9a56e9d6e0890c4e IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=b4274568db4a42fb9a56e9d6e0890c4e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:42:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b4274568db4a42fb9a56e9d6e0890c4e; expires=Thu, 07 Dec 2023 07:42:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash688b45eb160bc1d3c007143fd57ffca4 fc3d05405c60679f2916d4d7f9456f66ee17b47e fc2909dede0f02f33d873592a40c1617f8097be4e23990e4bde7806b2811c369
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 07:42:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:52:36 GMT
Expires: Mon, 12 Dec 2022 04:52:35 GMT
Etag: "fc3d05405c60679f2916d4d7f9456f66ee17b47e"
Cache-Control: max-age=421180,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ba0941adbb4f9-OSL
|
|
| ouhastay.net/?z=3647676&syncedCookie=true&rhd=false | 139.45.197.239 | 302 Found | 0 B |
URL HTTP/2ouhastay.net/?z=3647676&syncedCookie=true&rhd=false IP139.45.197.239:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
POST /?z=3647676&syncedCookie=true&rhd=false HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://ouhastay.net
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676&var=3647676&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=b4274568db4a42fb9a56e9d6e0890c4e; oaidts=1670398973
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 07:42:54 GMT
content-length: 0
location: https://revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3
x-trace-id: fea309264ea9da42e8cf69e42dacf00a
link: <https://revpu.sh>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://ouhastay.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b4274568db4a42fb9a56e9d6e0890c4e; expires=Thu, 07 Dec 2023 07:42:54 GMT; path=/; secure; SameSite=None
oaidts=1670398973; expires=Thu, 07 Dec 2023 07:42:54 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 14 Dec 2022 07:42:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hasha1329676cb87c885b6249a2bc670a193 1445bdcc4d011a945a204c337a1b19594d102353 99a49b8c2af3aaece408d3b535fb87fb3a7f70f0f7945aa9ed7222047a2ee12c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140023
Date: Wed, 07 Dec 2022 07:42:54 GMT
Etag: "638fbbb0-1d7"
Expires: Thu, 08 Dec 2022 22:36:37 GMT
Last-Modified: Tue, 06 Dec 2022 22:01:20 GMT
Server: ECS (dcb/7F3C)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zL4eTDm8ndOg9wfOBFUpcuZYAPwRGfc_NKQDR129xfejFptfts-P2w==
Age: 2117
|
|
| www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js | 54.230.111.93 | 200 OK | 705 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js IP54.230.111.93:0
File typeASCII text, with very long lines (705), with no line terminators Hash032c63d7d69c01f1d1e645bd93ff7210 3c0677bd33069b32ac660f354ab807d9625c7e08 a24eef15ae3579a3947bd6798c646fcb8b556a293bfb8c24a00225376a7c0316
GET /_next/static/chunks/4963.2b7c7ead79fd7562.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 705
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "032c63d7d69c01f1d1e645bd93ff7210"
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NCmbg7qLponRHJSupt3nivwfHzqTqnEFamHJluD6JlybTPx--ywGXA==
age: 25122
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js | 54.230.111.93 | 200 OK | 77 B |
URL HTTP/2www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js IP54.230.111.93:0
File typeASCII text, with no line terminators Hashb6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 77
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "b6652df95db52feb4daf4eca35380933"
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p2BvsaSXu4H1KTtOQoI4uknZg1O_3DZn9t83w8uOBI84vj5YtOXk5g==
age: 25122
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/c16184b3-278d9312fe59238e.js | 54.230.111.93 | 200 OK | 2.6 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/c16184b3-278d9312fe59238e.js IP54.230.111.93:0
Hash40c2fbc22c130458adab98196ac61a45 2bb360d40d1b6f14ad834de7aa7d2400fc804895 5be443480aa3ca6fa741eb63d203469f54ec0dbd9b32e2a6c03e9fca368a48a4
GET /_next/static/chunks/c16184b3-278d9312fe59238e.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:12 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"11bc8ea090dda19d4435839a4b7ab376"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RMSmQxuvEBguxLiv_J48ivhyfXuDthvl7o9DhO71xPCw4R_YSbv7CA==
age: 25124
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/otSDKStub.js |  104.16.149.64 | 200 OK | 7.2 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/otSDKStub.js IP104.16.149.64:0
File typeASCII text, with very long lines (21747) Hash6ca9058d9138dc07d9a378e6f20a8b7b ff5f65ad24a8e2b3042cbb0136be7edb52215c1a 1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:55 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Tue, 06 Dec 2022 07:45:09 GMT
etag: 0x8DAD75DCC9E2F9F
x-ms-request-id: b80b8554-f01e-014c-18d0-0959ac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21197
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775ba09bbf15b50b-OSL
X-Firefox-Spdy: h2
|
|
| production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js |  151.101.85.188 | 200 OK | 11 kB |
URL HTTP/2production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js IP151.101.85.188:0
File typeASCII text, with very long lines (30787) Hash67ef57e9804d6164ab0228529c00634a b6221503720655cb5587ac02ab142e86547752c6 3e017104b5ad4b26d0365897e175f1c912c7d0272bfbf685a61187ed83ab95d8
GET /dist/optanon-v1.1.0.js HTTP/1.1
Host: production-cmp.isgprivacy.cbsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jtR/w/ggy4yJybv8Q6oEEVlLz2NZxrzjcRxyRWtbYV7zCAyFvJhKzrR2NoszBfi2tPd/SVORBTc=
last-modified: Wed, 30 Nov 2022 19:44:06 GMT
etag: "bea9da88ccef790fb77abaea44ea345e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:8320ed39-e573-464a-ae46-962fa1ee7233
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 07:42:55 GMT
via: 1.1 varnish
age: 3157
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 46
x-timer: S1670398975.337619,VS0,VE0
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 10990
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/87c26e94-acc3-41b3-85ed-3c9e1e798677.json | 104.16.149.64 | 200 OK | 1.7 kB |
URL HTTP/2cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/87c26e94-acc3-41b3-85ed-3c9e1e798677.json IP104.16.149.64:0
File typeJSON data\012- , ASCII text, with very long lines (4419), with no line terminators Hashb32bdae0ff43718dfede05e024f206e0 06fc34e0d6682a3238ef79ad52d7d2d2d91a8bc6 09454c280e22b4b2d6396fd04e3a9e728068cace45e990a8dce5b44e1bd8c2bc
GET /consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/87c26e94-acc3-41b3-85ed-3c9e1e798677.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.helpwire.com
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:55 GMT
content-type: application/x-javascript
content-length: 1727
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: syva4P9DcY3+3gXgJPIG4A==
last-modified: Tue, 27 Sep 2022 17:18:48 GMT
etag: 0x8DAA0AC5785A8E9
x-ms-request-id: b719c1ee-f01e-00c0-7995-d252a2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 7675
expires: Thu, 08 Dec 2022 07:42:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775ba09bf9b3b51d-OSL
X-Firefox-Spdy: h2
|
|
| production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js | 151.101.85.188 | 200 OK | 1.6 kB |
URL HTTP/2production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js IP151.101.85.188:0
File typeASCII text, with very long lines (4276), with no line terminators Hash763348e62c55c7dd9305ec53c9625fb8 4ab12704650190c06e311bb87b1061189aeef8ed ad386546b56fdbc7ca27432d19cc95b00804bad4222e51e2d9edc3e46526c0e2
GET /cps/shamanNotifier.js HTTP/1.1
Host: production-cmp.isgprivacy.cbsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: uubeTO18Dft9kzTBI/Toah17xX2B9HhMK6uDNdisIz7t5yffuVq6RDpXmOO3yypBeEdy+jCZy8Q=
last-modified: Fri, 22 Jul 2022 19:02:28 GMT
etag: "3e0cf3a78511da0d4110ac814d88e0ec"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:65247f02-0cba-4f78-bd98-f251a31929ac
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 07:42:55 GMT
via: 1.1 varnish
age: 1857
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 25
x-timer: S1670398975.367751,VS0,VE0
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1598
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/optanonApiBootstrap.js | 54.230.111.93 | 200 OK | 541 B |
URL HTTP/2www.helpwire.com/scripts/optanonApiBootstrap.js IP54.230.111.93:0
Hasha350eef484fa9186bf408beda6538334 39838a84ccd3d3407b873bf64d20830ee1174a9e 759eb2ef0ee7c0dd29b8d3d17f9d4b3da3549ff715fa764745cb5129ccc53009
GET /scripts/optanonApiBootstrap.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 541
date: Wed, 07 Dec 2022 07:42:56 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "a350eef484fa9186bf408beda6538334"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EED2D_EyTb-Cy_K2SrhORufE4N238QOcydxk5XkMpITKCWzBPbJnAA==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js | 54.230.111.93 | 200 OK | 2.7 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js IP54.230.111.93:0
Hashe56f50f16d6ed460c00addc06b2ef6c5 03a95799412e6b1aeb746b610a50f53323e0fad0 75bceaeb01bb48ff51a651df856e51a7ae09ef61751a49d61822fc748634ffe5
GET /_next/static/chunks/3493.e102016899dee344.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"1fe1f60389ad9fd611c6389ff6e2611e"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mSTFAB11R82Kdh2t4Lb09Lu5E_qJoM2VDewQKLm98Wn28LzbTKmLmA==
age: 25123
X-Firefox-Spdy: h2
|
|
| cdn.galattic.com/bidder/cbs/filter.js |  95.110.203.212 | 200 OK | 424 B |
URL HTTP/1.1cdn.galattic.com/bidder/cbs/filter.js IP95.110.203.212:0
File typeASCII text, with very long lines (337) Hash7ce4858083c37871907f2f338f4371a0 1e0050323a2b1216eb0e9d2c0091ee91659a0503 8c6c7f84863db2932af068a41425b1532fa27df39688fdb0e016c336dfb74145
GET /bidder/cbs/filter.js HTTP/1.1
Host: cdn.galattic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 09:55:39 GMT
Content-Type: application/javascript
Content-Length: 424
Connection: keep-alive
Last-Modified: Wed, 03 Aug 2022 11:33:13 GMT
ETag: "2be-5e55499294238-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cacheable: YES
cache-control: max-age=900
X-UnsetCookies: TRUE
X-Varnish: 145773547 587140619
Via: 1.1 varnish (Varnish/5.2)
age: 0
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| cdn.galattic.com/bidder/pm.v2.js | 95.110.203.212 | 200 OK | 5.1 kB |
URL HTTP/1.1cdn.galattic.com/bidder/pm.v2.js IP95.110.203.212:0
File typeASCII text, with very long lines (537) Hash7b1ee989885daae551165c112a58d3b3 baa841b1efd1d200195d210ba5384d0e3707ed45 f469628f6362b1dac4bd5b82394cceb85366ca1fe5346d2591ac21786d221bad
GET /bidder/pm.v2.js HTTP/1.1
Host: cdn.galattic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 09:55:39 GMT
Content-Type: application/javascript
Content-Length: 5091
Connection: keep-alive
Last-Modified: Wed, 27 Jul 2022 12:40:52 GMT
ETag: "3642-5e4c8ba3332cf-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cacheable: YES
cache-control: max-age=900
X-UnsetCookies: TRUE
X-Varnish: 151587886 482902296
Via: 1.1 varnish (Varnish/5.2)
age: 0
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| www.helpwire.com/scripts/jquery.js | 54.230.111.93 | 200 OK | 734 B |
URL HTTP/2www.helpwire.com/scripts/jquery.js IP54.230.111.93:0
Hash8ffe2fe575d8d70031baae73f19cbaeb c5afaec856ef45509bd5e9fda32c72ca62cbaf6d 3704ddc18365094439dcd2fbb36cbefec4e69c0b81c3dd6331d886984f29cab6
GET /scripts/jquery.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 734
date: Wed, 07 Dec 2022 07:42:56 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "8ffe2fe575d8d70031baae73f19cbaeb"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CbApUR4OymtktVPidTI3CC2_9hy9gx0i3FvilXKaa5LXahN6tN36fg==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/google_head.js | 54.230.111.93 | 200 OK | 123 B |
URL HTTP/2www.helpwire.com/scripts/google_head.js IP54.230.111.93:0
Hashf8c8167390a88fb75b4faac761c487e5 ab257ec7e73a989a17553450985fcfd660be8e7a 1278654f4fa2f333df55a3f0ef92282fdfb657dd40b952e17c84f2372ef76727
GET /scripts/google_head.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 123
date: Wed, 07 Dec 2022 07:42:56 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "f8c8167390a88fb75b4faac761c487e5"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 51V4t5m-JXedlPCjq2z6GYZWAw0JWLZiFyYpv4LSqxycpjDXLf4A_g==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/google_rs_body.js | 54.230.111.93 | 200 OK | 28 kB |
URL HTTP/2www.helpwire.com/scripts/google_rs_body.js IP54.230.111.93:0
Hash517e0a68a2da5523d066b6847cd680db 8cf059228a361ef2ec277b7fc362ea3f4f060ee6 c129e1651b7d7df35f9193315dbb968024297333e6ad003e06b036d1cdf85c2d
GET /scripts/google_rs_body.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:42:56 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"8d537ab256654672dd15b33bb8ac6eac"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XkkI4SvOEgZAxqpDboOfcGXFvypSm438WP74lprY5s6IdDzvaaq9uA==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75 | 54.230.111.93 | 200 OK | 1.5 kB |
URL HTTP/2www.helpwire.com/_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75 IP54.230.111.93:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash496eacb1c842a860b2605faa05ae0140 fdc7453e70ea04ad9398e2ef803acf5f0dea7b18 f45991b0020bcbd31ffb521f726d70d73c34574dde21552dacd8fb0053a12890
GET /_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75 HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 1502
server: CloudFront
date: Wed, 07 Dec 2022 07:42:56 GMT
cache-control: public, max-age=60
etag: "9FmRsAILy9Mf+1Ifcm1w1zw0V03eIVUtrNj7AFOhKJA="
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4hgbhr1FbTcEilhHAmTDHX0PgrLN2c39eizgk1U3CnToxM5WhzujjA==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash9084a518c70ad57bb3226fb519b648fd 79348ebe6f5900a035d4d65e08a7409fd9708f15 f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash9084a518c70ad57bb3226fb519b648fd 79348ebe6f5900a035d4d65e08a7409fd9708f15 f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash81a7e0ed8b45460991a7d9b719423d48 fa4824b64d5484b955cecebbeea06710ced4fba5 2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagservices.com/tag/js/gpt.js | 142.250.74.34 | 200 OK | 28 kB |
URL HTTP/2www.googletagservices.com/tag/js/gpt.js IP142.250.74.34:0
File typeASCII text, with very long lines (40252) Hash9f220d7f24304047ffe2176bb485bc01 f91c90d658491f94e73dfc9855c47b8fa877dff6 abfca8bf66c69e0e2136f9609c0ded21b387fdcef710b40618dee7ad4d070631
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27564
date: Wed, 07 Dec 2022 07:42:56 GMT
expires: Wed, 07 Dec 2022 07:42:56 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1414 / 328 of 1000 / last-modified: 1670367953"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js | 54.230.111.93 | 200 OK | 3.5 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js IP54.230.111.93:0
Hash05a1aabb4e7b61b80cd5cfe978ebfe77 fd9d27be4249ec40175fa806dad732d5174b9ca2 34c27f740a2a00228f538b644663c51f175132046465c19db9cf0c1e9410b10b
GET /_next/static/chunks/9063-1bec776d34b6942e.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"4e505b655b165ba96b14f7a6ad8d06f9"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5qZRiJGtbyRm2zr3PxYtDbj9L5ovMy0Ql5OgFeR5NaxJ1qDZyvTHYw==
age: 25122
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashcd6dabd083ee1c237c8ea3ba38cc48d5 bbe4420bf1c0fe0d5621336865563418d2f16f39 c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/adsense/search/ads.js | 216.58.207.228 | 200 OK | 55 kB |
URL HTTP/2www.google.com/adsense/search/ads.js IP216.58.207.228:0
Hashc4ae411f5bf59f711d253ccbcaeba8aa fa1e6bd898e519793bee68e106005ea5dc7e2006 9d8417d69f8a8dd0ebe9744c47b1ad3edf820d44cc1551651a9d13c0f83348da
GET /adsense/search/ads.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 07 Dec 2022 07:42:56 GMT
expires: Wed, 07 Dec 2022 07:42:56 GMT
cache-control: private, max-age=3600
etag: "6213113356093713992"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashaa0e64420f718aa4713e3f080b8d4099 927435ff8af66fa63c34aa0670ae80a997d59cd9 f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd44205a852cedc47da2373b3542f2ca0 884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82 f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3855
Cache-Control: max-age=108633
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 13:53:29 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashaa0e64420f718aa4713e3f080b8d4099 927435ff8af66fa63c34aa0670ae80a997d59cd9 f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.helpwire.com | 142.250.74.130 | 200 OK | 53 B |
URL HTTP/2securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.helpwire.com IP142.250.74.130:0
File typeJSON data\012- , ASCII text, with no line terminators Hashdc3a0ef5da57705b1fe3d54ad354c65b cc19b634ab794f0039560319bb7b0fc472999679 f54b1818340e775893dcedbb70603f2475bc2b869414b49b323d9271676bc2be
GET /pagead/ppub_config?ippd=www.helpwire.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.helpwire.com
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Wed, 07 Dec 2022 07:42:56 GMT
expires: Wed, 07 Dec 2022 07:42:56 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 07:57:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/fb.js?v=0 | 54.230.111.93 | 200 OK | 134 kB |
URL HTTP/2www.helpwire.com/scripts/fb.js?v=0 IP54.230.111.93:0
File typeASCII text, with very long lines (64337) Size134 kB (133793 bytes) Hash314764c90e75707784e6b5508071a7d0 ead65f436f92cacbddcf040fc9889bc9c1dd534d b46622e143daafa11042f480c8fd8d9153b49df47b5784879d27bf086252fe28
GET /scripts/fb.js?v=0 HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:42:57 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e9075df74bdbf0956f03b84308a735d8"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AsJcbQBbfs-nNxptxZGEcPb1JWWZOoXXPnicUywIk0ZCDlbCGAvUPA==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/productAdsScroll.js | 54.230.111.93 | 200 OK | 670 B |
URL HTTP/2www.helpwire.com/scripts/productAdsScroll.js IP54.230.111.93:0
Hash53d05c701987257553c9c92c4d7396d8 78c2e756296a713826ecc1c6c98e761235ed5d1f 018da9921c8e21b8d2645ca0657817273f79ab65648777593dc5a97563001d0e
GET /scripts/productAdsScroll.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:42:57 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"315aa28ec31f4142831cef224bc0b74f"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d569shbt-2xtU01RYe5ews37DooMrBxh-iLiFcQaqvybSm0FiBSM3Q==
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash44ecaa3c2a4929a40141edc4540aaf84 f29a573182333b2500d41bfc389d6c5232dfb348 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: HM+UuCfS/2JUkzaXIJiFGdlAqOlCN/IAe06/uNEb+43JATQ4Lek+DniiyIsr7fWHGQ3dYmZoJauFz8mjY8riZg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 07 Dec 2022 07:42:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd44205a852cedc47da2373b3542f2ca0 884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82 f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3855
Cache-Control: max-age=108633
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 13:53:29 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| partner.googleadservices.com/gampad/cookie.js?domain=www.helpwire.com&client=partner-helpwire-content-4&product=SAS&callback=__sasCookie | 216.58.207.226 | 200 OK | 180 B |
URL HTTP/2partner.googleadservices.com/gampad/cookie.js?domain=www.helpwire.com&client=partner-helpwire-content-4&product=SAS&callback=__sasCookie IP216.58.207.226:0
File typeASCII text, with no line terminators Hash2a2cb415c34fa0afec9d58c8137cdcde 5b60b3a555a74df2fd6d429ca57853ee424aba08 636fdbae876ab3e6c0db038c6f26cde412448aea38514384f866d3dde8f27cab
GET /gampad/cookie.js?domain=www.helpwire.com&client=partner-helpwire-content-4&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 07:42:56 GMT
server: cafe
cache-control: private
content-length: 180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashaa0e64420f718aa4713e3f080b8d4099 927435ff8af66fa63c34aa0670ae80a997d59cd9 f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash3074a66f6d9b2e2af9b41ec0e2f4e2db 942e2c49b3848f11da966937f5914c62aed24bce 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Roboto&display=swap | 142.250.74.106 | 200 OK | 996 B |
URL HTTP/2fonts.googleapis.com/css?family=Roboto&display=swap IP142.250.74.106:0
Hash054bfc1314b122230b16065e5e61e912 7da292006a6d43891f72b15e7f0a3a6265fe8102 976ae9ff1cb77e73523008509340add94af4a24e5747bac7f0b34139baa38208
GET /css?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 07:42:56 GMT
date: Wed, 07 Dec 2022 07:42:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash9e83e23c9303fc167d2b23bceba4f304 cc712e67770a00bcc9901a6881f5b1cd343cf054 16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash9e83e23c9303fc167d2b23bceba4f304 cc712e67770a00bcc9901a6881f5b1cd343cf054 16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff | 216.58.207.225 | 200 OK | 174 B |
URL HTTP/2afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP216.58.207.225:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Hash4de8b85c8915995b571bde50e231be7c 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:03:04 GMT
expires: Thu, 08 Dec 2022 02:03:04 GMT
cache-control: public, max-age=82800
age: 16792
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23fce8b2 | 216.58.207.225 | 200 OK | 273 B |
URL HTTP/2afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23fce8b2 IP216.58.207.225:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Hashe3279c6d5fa9ce038a2f9035f7131494 67f33a60f04ceb99b1dcf3958eeff5c726531a8d 2145830c0b63bffb4b0417cb9ac3974e42c1e30621f5d728149b3437aa28e7c0
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23fce8b2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:34:13 GMT
expires: Wed, 07 Dec 2022 21:34:13 GMT
cache-control: public, max-age=82800
age: 32923
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash9e83e23c9303fc167d2b23bceba4f304 cc712e67770a00bcc9901a6881f5b1cd343cf054 16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashec6ece82a7cb8faa3ba171efae3a9eda 7ee75fba9a9d1078960f7834d71961c38f514b82 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 562142
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/assets/helpwire/favicon.ico | 54.230.111.93 | 200 OK | 18 kB |
URL HTTP/2www.helpwire.com/assets/helpwire/favicon.ico IP54.230.111.93:0
File typeMS Windows icon resource - 4 icons, 16x16, 8 bits/pixel, 24x24, 32 bits/pixel\012- data Hash8c88e3b6919c49409bd9744ee68c5511 70c07b82f79743ca83711009dc42985580b078fe e676a7382a18b26fe268599dbd08bfd5380eafd20042f544b25d00df10a35f09
GET /assets/helpwire/favicon.ico HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 17798
date: Wed, 07 Dec 2022 07:42:57 GMT
last-modified: Wed, 07 Dec 2022 00:38:34 GMT
etag: "8c88e3b6919c49409bd9744ee68c5511"
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bnNNUJsh7Ah5nqAF4k_siVC1gP7tcr-2Jy5LbhMyy3DdAS-3Kn0JTg==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 86 kB |
IP216.58.211.3:0
File typegzip compressed data, from Unix\012- data Hash160f7abeebb3dd7dd10cc516d892a212 9dda0940c98be94a5fef9d80c66e9bbd256e4ee1 4438a74afb7e7e32fd03db968bc651d4f811f6578273403ad14fd3e3813dc3c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.facebook.com/tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624261141501321669%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670398976712&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670398976712.793302210&it=1670398976533&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624261141501321669%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670398976712&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670398976712.793302210&it=1670398976533&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624261141501321669%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670398976712&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670398976712.793302210&it=1670398976533&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 07:42:57 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashb746371785ba1bc6cb2cc00c52bde896 20009dbca55e8dcce2a4d2ac36111204c70d53cb 996b87c3a6dcd333df24be291f9e2b7b5631fbc3f0809f04c47cd76043a466f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2374
Cache-Control: max-age=104270
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:42:57 GMT
Etag: "638f2f09-117"
Expires: Thu, 08 Dec 2022 12:40:47 GMT
Last-Modified: Tue, 06 Dec 2022 12:01:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js | 104.16.149.64 | 200 OK | 81 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js IP104.16.149.64:0
File typeASCII text, with very long lines (65455) Hashaf27d9858b2a2e2b0912706c3aa815b1 10c1fa093e80cbcb3ba39b8e54e934b37cb3aa57 a736527d6f80163a1b0ec8f7f8a2902c7005b4ec61fce5295d9612df48a72d06
GET /scripttemplates/6.32.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:57 GMT
content-type: application/javascript
content-length: 81095
content-encoding: gzip
content-md5: ryfZhYsqLisJEnBsOqgVsQ==
last-modified: Fri, 18 Mar 2022 16:29:23 GMT
etag: 0x8DA08FC76466F7A
x-ms-request-id: 4e03c84a-e01e-0031-75f4-3a8331000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21171
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775ba0a6ea1cb50b-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json | 104.16.149.64 | 200 OK | 13 kB |
URL HTTP/2cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json IP104.16.149.64:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (50338), with no line terminators Hashfa3718df3afd6e77692e4439dafd9f43 7948e94914845712bfcde422358430aa7f802b2f 773000749ff033354710f616a152ee9c13cc6004e08dcd883fc114815716d675
GET /consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:57 GMT
content-type: application/x-javascript
content-length: 13391
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: +jcY3zr9bndpLkQ52v2fQw==
last-modified: Tue, 27 Sep 2022 17:18:58 GMT
etag: 0x8DAA0AC5CF2AD31
x-ms-request-id: ceb7e151-301e-00ff-4795-d2e57e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 7656
expires: Thu, 08 Dec 2022 07:42:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775ba0a76df9b51d-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json | 104.16.149.64 | 200 OK | 2.6 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json IP104.16.149.64:0
File typeJSON data\012- , ASCII text, with very long lines (7860) Hashb287063f84278e7a19dd038cdf2ed9b6 ad982f153b4e3fab6f0a33714d7ba60fc963c5f0 aafb5e4fd2ee23d7b06bbdbd0be1c00ca7f804fb29e9171f2a97995e3644bb36
GET /scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:57 GMT
content-type: application/json
content-length: 2565
content-encoding: gzip
content-md5: socGP4QnjnoZ3QOM3y7Ztg==
last-modified: Fri, 18 Mar 2022 16:29:16 GMT
etag: 0x8DA08FC71DCDA25
x-ms-request-id: aab9ca01-701e-00da-19b4-567dcd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2651
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775ba0a78e29b51d-OSL
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js | 54.230.111.93 | 200 OK | 13 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js IP54.230.111.93:0
File typeASCII text, with very long lines (36232) Hash16409e32d67ca833c181aedcc8fc8b95 86c182d564bcba7f5fb423e1fd12b7dcc8acf48c 8ae4951e9fa6f8ff832f6e7d6b8159b78959508d695bdc362f5727ffcd157525
GET /_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e15eeefc27e2f5e37f3cbb8759623c5b"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ppKrBnKqam4wCB6viN83a2CMiXo5kINzi7j1-0RbJF5yEBu_NvXd7A==
age: 25122
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashe212a52bff44776e39a0d58077799be4 248f12fb3e0421e97d05f5f0d9475f7fbc8e06c7 8231e2fdacf43a377bf9c619a52ef742f447081ca03a043bf4bf9ca12403f85f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6483
Cache-Control: max-age=148689
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:43:00 GMT
Etag: "638fcc83-118"
Expires: Fri, 09 Dec 2022 01:01:09 GMT
Last-Modified: Tue, 06 Dec 2022 23:13:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
|
|
| cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg | 104.16.149.64 | 200 OK | 0 B |
URL HTTP/2cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg IP104.16.149.64:0
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:57 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Tue, 06 Dec 2022 07:45:20 GMT
x-ms-request-id: 89c12fbb-201e-0101-31d9-099f4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21201
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775ba0a7fb77b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js IP54.230.111.93:0
GET /_next/static/chunks/main-b9cb64723e338c4c.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"2fb1f137ee1b94f6d707d0e5bb718d68"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9JDx2GhjWjYjQySKgvcyCZqMsGdgn_X6VABNneyXl_7HzkSXlIvkUw==
age: 25122
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js IP54.230.111.93:0
GET /_next/static/chunks/2121-4fe4ce6739beb5e7.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"df06edd9f2d58887377191e1def2d748"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ldQmg0vPYzDPUSZEQBI_FfYaI05J3i0ej8AZOZt5BAa7FB9BSLpGqA==
age: 25122
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js IP54.230.111.93:0
GET /_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"58ae92e18213cfd5cd715261c7a63634"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NgOcukqXJc-SLciCbMAKaGLcmYt2lhVz9J4qGySXJJ0DzMwohSgVtw==
age: 25122
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd IP54.230.111.93:0
GET /articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: CloudFront
date: Wed, 07 Dec 2022 07:42:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: public, max-age=600, s-maxage=1200, stale-while-revalidate=60
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP 8.1.2
set-cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}; path=/; secure; httponly
etag: W/"zzpuq16x60xf0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1hecoj4ACe3eTbrI_oCJGfZ8YKI3y_Ek9nsGxwYZpa2u6GMELrXtsA==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js IP54.230.111.93:0
GET /_next/static/chunks/webpack-6bf17bd08c9c0c1f.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"6352db52f27a8ed05afa440d06cfbe9e"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TvP_c5EfEv8cJETtcR-xmGuTy9irm7I4SKPzAtzOg3o4e2dhIEHqlA==
age: 25122
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js IP54.230.111.93:0
GET /_next/static/chunks/framework-a661be0ab3977016.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"42969190930a47add78d0553ad3decd6"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ttPunI1sYZxrHsyQ8Vwm4SVjaup1ezbe5OTmyrAdZX01q-OHQIId5g==
age: 25122
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js IP54.230.111.93:0
GET /_next/static/chunks/pages/_app-ae91de5da9f4357b.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"63a86bcb0a35020870cc81256fbc1581"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dwQ9Ast4jNILiIIzkW5bba-xhN30pfg0uGEFwXlGxUnIiwKYQ417Pg==
age: 25122
X-Firefox-Spdy: h2
|
|
| geolocation.onetrust.com/cookieconsentpub/v1/geo/location | 104.18.27.85 | 200 OK | 0 B |
URL HTTP/2geolocation.onetrust.com/cookieconsentpub/v1/geo/location IP104.18.27.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.helpwire.com
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:57 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775ba0a6b99bb4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css | 104.16.149.64 | 200 OK | 0 B |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css IP104.16.149.64:0
GET /scripttemplates/6.32.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:57 GMT
content-type: text/css
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
last-modified: Fri, 18 Mar 2022 16:29:27 GMT
x-ms-request-id: 27c0e757-101e-00a7-5d44-66e105000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2651
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775ba0a79e2eb51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} | 188.114.97.1 | 200 OK | 0 B |
URL HTTP/2respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP188.114.97.1:0
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:42:52 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 05 May 2022 04:35:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEhgQY%2FV8%2FR6WrGkJ6c6ybDSMY6sL3zikqibYUmnQZIQFbzT3lmwelK49Mf5bKIQ3atzY15H256GVeCbbmMtlFZI0hUGqxyZGCPGepMq2mrDYPdj6ldEEEfl2AeP6ZSBBszL7p04W7YXflo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775ba085593fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670398973303&hash=aRCcCJyQ2ztxXlte2zXYyXn7VYRiQgSd53WZP3GT6jw&rm=D |  18.192.108.151 | 200 OK | 0 B |
URL HTTP/2track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670398973303&hash=aRCcCJyQ2ztxXlte2zXYyXn7VYRiQgSd53WZP3GT6jw&rm=D IP18.192.108.151:0
GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670398973303&hash=aRCcCJyQ2ztxXlte2zXYyXn7VYRiQgSd53WZP3GT6jw&rm=D HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=E1xQBSu3KM7VjtBsVdfFfYKA67Glt68F12cHRib7GDU; cc-v4=zrH2QyTqgzLqbn1mfYxa9kFQjt%2FNNmeeNueZpuCNj9kPUB%2B0n4MoJ2yA%2F3fLjREowmkFK%2B4XVCLdF3BlBwFx8pg9kaQRYFtTpn2o711YoM7FLwlRxbYfTmlYEqXSsuVALzirdv%2FQqIrSjKs2H7vGVw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:42:53 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
|
|
| ouhastay.net/afu.php?zoneid=3647676 | 139.45.197.239 | 200 OK | 0 B |
URL HTTP/2ouhastay.net/afu.php?zoneid=3647676 IP139.45.197.239:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /afu.php?zoneid=3647676 HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:42:53 GMT
content-type: text/html; charset=utf8
x-trace-id: a5d42d14862f65da1f6de75db6d1495f
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b4274568db4a42fb9a56e9d6e0890c4e; expires=Thu, 07 Dec 2023 07:42:53 GMT; path=/; secure; SameSite=None
oaidts=1670398973; expires=Thu, 07 Dec 2023 07:42:53 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3 | 139.162.186.41 | 302 Found | 0 B |
URL HTTP/2revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3 IP139.162.186.41:0
GET /redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3 HTTP/1.1
Host: revpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
content-type: text/html; charset=UTF-8
location: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
cache-control: no-cache, private
date: Wed, 07 Dec 2022 07:42:50 GMT
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/css/8f57e9c85b5d5070.css | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/css/8f57e9c85b5d5070.css IP54.230.111.93:0
GET /_next/static/css/8f57e9c85b5d5070.css HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Wed, 07 Dec 2022 00:44:12 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"dcb484010de231dc283a4396d33734d0"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pbVhFpJGWihSKpy_2-VbnLVrQChNDlL73JgBLK3COMZAYk4Klt110w==
age: 25124
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/2489-8969c03bb192615f.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/2489-8969c03bb192615f.js IP54.230.111.93:0
GET /_next/static/chunks/2489-8969c03bb192615f.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"91e4cc118694d429f40b290fabc6c486"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yIpplxFm2q2L7TglWRloFWSvOkLF7LpjgiwFkpiazoWff3e1SW7NvA==
age: 25123
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/google_body.js | 54.230.111.93 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/scripts/google_body.js IP54.230.111.93:0
GET /scripts/google_body.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624261141501321669&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"2ae3f64b-944a-4e6a-bc87-5aa341250e0e","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:42:56 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"bc241cfddb77e291a3781f1946b1796e"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QqWxhy6qLYKlc-fwrNn4n7JNC6C95-XYX0nQCnXGj2r6uxpqbSv8Tw==
X-Firefox-Spdy: h2
|
|