| exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} | 104.21.6.184 | 301 Moved Permanently | 0 B |
URL HTTP/1.1exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP104.21.6.184:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: exceptionalphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 07:49:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Dec 2022 08:49:53 GMT
Location: https://exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BvsPeKuVNo8hwZTbDbtD80ZzYhDzt0nYiJwEDKUjDo8pV8WaNOogL%2BxmAFDa1AfTx2V9PBPk57GSwJ2%2BN9BMfTPssFKpnbzbseWYIV8Fdxs%2F4SCu9FfCHqsjpg2ifUslI2EDogizLEosbj%2F3w1c"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775baad20d5ab51b-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash5ceaca9fd4ad000cb435820812fc69c8 8168397aaf7b572c89a9c83f46c0b65e4ac509f2 9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6302
Expires: Wed, 07 Dec 2022 09:34:55 GMT
Date: Wed, 07 Dec 2022 07:49:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hasha0abf10fb7e96c1c98dacf2f013a68b4 acdd839bce85eadc78a8e821e32e00a958d5c0c8 b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Wed, 07 Dec 2022 09:00:05 GMT
Date: Wed, 07 Dec 2022 07:49:53 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf83c5e33ba42e312ee398848bbb711f5 caa1fd23b1fbbe883292ded04404c1cfd861eb09 106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3470
Cache-Control: max-age=99555
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:53 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:29:08 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ec0G7QHfUKCsWLZd/zZCGRWIW3hvGood4Jv7rEezLNG4spDI4kjrdARa+wYWl+7Ul27eUSHmEpE=
x-amz-request-id: 6FCAANFEA29Z9W96
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 07:49:17 GMT
age: 36
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 07:18:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1868
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 07:08:58 GMT
cache-control: public,max-age=3600
age: 2456
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 1.2 kB |
IP93.184.220.29:0
Hash137ad938a0cca7ffab080758c3c34d47 84263e6e20eb526a3e7fd78e3cb18bc0c6cef3ba fe1f8bc1d6fed78aba655016085bc3ed88a78e699fe168ca2e303f3e6e33ac40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3451
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:54 GMT
Last-Modified: Wed, 07 Dec 2022 06:52:23 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 647 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash95be800cb041945de2fb09e5c0958f0f 3838ddd6e5ef9f34ba7176f9c2379a6605e63fe1 a9ff79ed21b2c0fdc6a2f7e0863e54e7b8c8a28d81760d4e4f86fd584c03398f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17436
Expires: Wed, 07 Dec 2022 12:40:30 GMT
Date: Wed, 07 Dec 2022 07:49:54 GMT
Connection: keep-alive
|
|
| my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 | 139.45.195.8 | 200 OK | 697 B |
URL HTTP/2my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 IP139.45.195.8:0
Hash7e1da03b7d5254f7b1d93874c8f85ce4 c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7 ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:54 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.38.146.2 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.38.146.2:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F0Lo4/2FJTAofCretmECZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tNw5qT9f4AzFpOgDJwGhBVhqxNA=
|
|
| analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq | 95.101.10.113 | 200 OK | 1.3 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq IP95.101.10.113:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (2667) Hasha1ce0a74a986f7859764f75499c0ef97 ed98c5c6994150c3d55ee87dbdbefb7a528d6653 8773a184055c123eea5ccd1ccfa4a0c7b23ac38c004b620bb859996b056e8919
GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221207074955DCAD5D10DE558B2AB237
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b80b18155882b6fb985d8d9235c23655c1a4cb9b42b7f371e88f9eb10884f70bb2ff14d49d14860658f155ecc60ecdf4be7ebc5f019558474ca4062a53f26051d
content-encoding: gzip
content-length: 1316
x-origin-response-time: 12,23.48.215.79
x-akamai-request-id: 19e0e09c.6e24f4c0
expires: Wed, 07 Dec 2022 07:49:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-48-215-79.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=12, inner; dur=4
x-parent-response-time: 109,95.101.10.109
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashbd4300598772fa9d894af55b7c54c16a bf7e8a794e1cc52b330a894e9ed1d2c9fed0610f 93e073621f35c8cb3cfa5bbcedc2d99912f0a5114023333589f95c542e0df32c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93E073621F35C8CB3CFA5BBCEDC2D99912F0A5114023333589F95C542E0DF32C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10993
Expires: Wed, 07 Dec 2022 10:53:08 GMT
Date: Wed, 07 Dec 2022 07:49:55 GMT
Connection: keep-alive
|
|
| analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js | 95.101.10.113 | 200 OK | 67 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js IP95.101.10.113:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (21716) Hasha2ced8005c34dd0d76dda9f21d01afa5 d83e5c8cba4d9efdd3fb83c01cd8599ddf21b801 74b397f8b46b9f6747a4e2f3e817c883f466d33058c172759d2917635571c2e1
GET /i18n/pixel/static/main.MTk2NTc4NGU0MA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221206132732D0ECA0A6AEF9623F8A54
x-tt-trace-host: 014eb13aa4362f9dd2f6acd202ee4586f6cc2be1abb956fa86aa4dc7822d91eb681878c834a0bf3905d20952f57059d5498ad6745f86edb4261ab730e3788891ad407d101788fa5b87526d8c1d0913d567
content-encoding: gzip
content-length: 66584
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 6e24f544
X-Firefox-Spdy: h2
|
|
| overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid} | 167.99.158.7 | 200 OK | 43 B |
URL HTTP/1.1overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid} IP167.99.158.7:0 ASN#14061 DIGITALOCEAN-ASN
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /api/v3.0/clickapi/img?aid=1&clickId={clickid} HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%221%22%3A%22%7Bclickid%7D%22%7D; Max-Age=31536000; Path=/; Expires=Thu, 07 Dec 2023 07:49:55 GMT; Secure; SameSite=None
|
|
| analytics.tiktok.com/i18n/pixel/static/identify_7373d.js | 95.101.10.113 | 200 OK | 31 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/static/identify_7373d.js IP95.101.10.113:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (65536), with no line terminators Hashf903a41e043452e3ec96297bb8fe30de 21a750289fa7266253ab7b3b1a18b55bd0e0b857 eebc96ed4144fe30c60fdbdaefe2ed2e4f09db990c29cebec4412bb804283eec
GET /i18n/pixel/static/identify_7373d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221206132733A80B192CBC121C37E2D2
x-tt-trace-host: 014eb13aa4362f9dd2f6acd202ee4586f6cc2be1abb956fa86aa4dc7822d91eb6848eeec7666bf4bef48999ff53f693e32b35e570af7dbe6b8b28dc46e6340109e0f677d0ab0ff303ca92131a82741ece8
content-encoding: gzip
content-length: 30608
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 6e24f654
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/api/v2/pixel | 95.101.10.113 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP95.101.10.113:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 927
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221207074955A1B348FF17F7582AA48F
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb67140549ad4eaaab92cb7363406bdeb017e8ff6d7518c5d3302fe64167f3658ca776989c64bd91a34c55616f444d845d3774f3586881c60e8ec46fd64af5563a2
expires: Wed, 07 Dec 2022 07:49:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=6, origin; dur=105
x-origin-response-time: 106,95.101.10.109
x-akamai-request-id: 6e24f65f
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash32d732e9c53c3a07c5c7d49b6a934887 d5fca9123b20f2b339ad82102e34312b7e351df6 e60522d2e6c9294ace4bfada709342ea11d1affe396f68193cabdc73296ddb64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134346
Date: Wed, 07 Dec 2022 07:49:55 GMT
Etag: "638f9e2c-1d7"
Expires: Thu, 08 Dec 2022 21:09:01 GMT
Last-Modified: Tue, 06 Dec 2022 19:55:24 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1C6_gyvhbjvIbVwfCqw0k79nEGJng97cKvxVF8DIwRM7Nz4AutT6Pw==
Age: 4417
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash32d732e9c53c3a07c5c7d49b6a934887 d5fca9123b20f2b339ad82102e34312b7e351df6 e60522d2e6c9294ace4bfada709342ea11d1affe396f68193cabdc73296ddb64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135823
Date: Wed, 07 Dec 2022 07:49:55 GMT
Etag: "638f9e2c-1d7"
Expires: Thu, 08 Dec 2022 21:33:38 GMT
Last-Modified: Tue, 06 Dec 2022 19:55:24 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hqv-O6qcvnol-ULyUSj_Jn_fLgDxKOuOAOWHdHHYS98bFDD8_t-cSA==
Age: 5895
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash1c47e3be286fd3a993bd3ec79c1eb2ea b1e02e8079fc11a3e70d5f82ab03505697ef1274 811bd43886ffa0a9c9acc2fce1cd0f47a950331e8592c52c742a7796b3129449
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "811BD43886FFA0A9C9ACC2FCE1CD0F47A950331E8592C52C742A7796B3129449"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10944
Expires: Wed, 07 Dec 2022 10:52:19 GMT
Date: Wed, 07 Dec 2022 07:49:55 GMT
Connection: keep-alive
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 | 54.208.186.182 | 200 OK | 0 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 IP54.208.186.182:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://exceptionalphonesecurity.xyz/
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashb8e4e5983e4e94c51da3faafa3906d6b 886c03cde4cfd5aded4e4bb84c83055795dbfdf8 9a58ddd5a43c81d671bde49f7ee80266995c54c106979ba00d8c3cd943286b8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A58DDD5A43C81D671BDE49F7EE80266995C54C106979BA00D8C3CD943286B8B"
Last-Modified: Tue, 06 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Wed, 07 Dec 2022 13:49:22 GMT
Date: Wed, 07 Dec 2022 07:49:55 GMT
Connection: keep-alive
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 | 54.208.186.182 | 301 Moved Permanently | 0 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64 IP54.208.186.182:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur
|
|
| my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fexceptionalphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 | 139.45.195.8 | 200 OK | 43 B |
URL HTTP/2my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fexceptionalphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fexceptionalphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:55 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=087cc97d124d4b5c83613dfa96c17fda; expires=Thu, 07 Dec 2023 07:49:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 | 167.99.158.7 | 200 OK | 8 B |
URL HTTP/1.1overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 IP167.99.158.7:0 ASN#14061 DIGITALOCEAN-ASN
File typeASCII text, with no line terminators Hashf30c3a40e9a3e65c868c754a5de95919 65101ff283414b70636ff494d866190a66ed9978 875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://exceptionalphonesecurity.xyz/
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 | 54.208.186.182 | 200 OK | 0 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 IP54.208.186.182:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
|
|
| overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 | 167.99.158.7 | 200 OK | 126 B |
URL HTTP/1.1overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 IP167.99.158.7:0 ASN#14061 DIGITALOCEAN-ASN
File typeJSON data\012- , ASCII text, with no line terminators Hashc8f85db18fe8f89306f6c0819c67036d 7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31 a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
|
|
| app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 | 54.208.186.182 | 404 Not Found | 86 B |
URL HTTP/1.1app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64 IP54.208.186.182:0
File typeJSON data\012- , Unicode text, UTF-8 text, with no line terminators Hash024c203b02c3d88f5e07d125220aa18a 4450bc452d44c05834e068f5341745b2e81ebbe3 a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
GET /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exceptionalphonesecurity.xyz
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:56 GMT
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur
|
|
| primaveratrack.com/testb.php | 167.114.103.223 | 200 OK | 126 B |
URL HTTP/1.1primaveratrack.com/testb.php IP167.114.103.223:0
File typeJSON data\012- , ASCII text, with no line terminators Hasha5b3bfed693e840e5d91095409c6af0b 7fbe8433eda44893839708d5ce47d7a7041005fd a04e547854da7a70b03398e9329527420ef9f14486d35d5c3186ee46248f25a4
GET /testb.php HTTP/1.1
Host: primaveratrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash15557fed28ee436852481c7daad6cfbb f39fb5e843a53d580a71f6390c67f1251712e104 57ae17f40d2df783b103d2b1b0fe9e1372c5ea289a5f6aff3e750a0c78af6f41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57AE17F40D2DF783B103D2B1B0FE9E1372C5EA289A5F6AFF3E750A0C78AF6F41"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16147
Expires: Wed, 07 Dec 2022 12:19:03 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 2.0 kB |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash06628c64cb9c95ff21fc58cd59e2f26d 7c17735d0ad4a6791b47d347f6fb5080e4cd790f 4f7adc6da43f296f67106d3501cd2d24b541c4c2f4f81274e3a2262db3dcb48c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb079607b368263e3517dd30250f5f2af a1b7863c70f1d501560a5b2fb4442f4835f94341 e7ed3ed2aca312d82fb017e06c6493fafffff9a603d1498c9c05355c08b444e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5913
x-amzn-requestid: 355ca338-7d8e-4a60-a491-0509d0ff32d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirF3DIAMF-vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5bff7b5b3984102e1ef0e737;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RlnA4SSUIbIVtGBxqBtabKw58aXWE-jGIKLZ4DnoTiGzvH5bzBOUbA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "a1b7863c70f1d501560a5b2fb4442f4835f94341"
content-type: image/jpeg
age: 35557
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js | 139.45.197.251 | 200 OK | 21 kB |
URL HTTP/2redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js IP139.45.197.251:0
Hash6e70716c3dc53c61f3da8835f120c038 16dca70f1aaac4bbddcc4af99e40ed2c42cd2ddf 996fa0c69bb4dd2da1a91b20b0c70a4f4509982f5367678f632e54822e206ac7
GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash535710165275856757bd7d1689f79de3 d51162b7fcba50022482b7130a556f3a7dfe822f c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 16:47:32 GMT
age: 54144
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb92721cbe24623f1713a5248d6a7c1b2 3628390c62642dcc375b28f58c9b48180c4abd73 37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 31270e51-34df-4980-9221-e21a5521b3de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clZQYHzvoAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ba268-509300b867fcbfb71a7cf6ad;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 19:24:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xk1sLSRBl1t872eGrnw1dVjQO7XvAM4NDFd5Y0wKjdvkKtaqDneEKg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:54 GMT
age: 35282
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash550ee57c325ce8d4892400deb24141d3 acece1761a7d4d3926500726c19d528bb204ef4c 7cc68e966362916947e7d6e24d3c001c64298fec2438a97538765d801fa7c92c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10362
x-amzn-requestid: 7fdd2011-e283-467e-9f04-741946a834ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpl_1EsooAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5065-0cddad1919d984065bd0b03e;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 01:59:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uhgTdyHGPZ1Ocp6wLQNVgcZ0z2CPyV0a_51MXD6Q04tsJ3RhgMY2Fw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:58:02 GMT
age: 35514
etag: "acece1761a7d4d3926500726c19d528bb204ef4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0a317faf49d8e057d1da40f9441b6c30 f01497a3eef693b70b18885156f63c9c7305ed7e 5687e273eefa9ba3733fabe234e52bc7db87b4ec6244d12077c5816ae7961576
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12259
x-amzn-requestid: db1b424e-af8a-4a6f-92dc-27ccf3256d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: coKPCHc9oAMFygg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638cbd93-56c293d73368cab66819d31e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 15:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VsWEwb3ynI-AP3uWwVHM6I7aY3f0TBLvge2Znt7hNIXlNtMbvpKmBQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:00:53 GMT
age: 85743
etag: "f01497a3eef693b70b18885156f63c9c7305ed7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681 | 18.192.108.151 | 200 OK | 724 B |
URL HTTP/2track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681 IP18.192.108.151:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (724), with no line terminators Hash9fd4801e2ecd8ca98f79072d6712097a 2e6f263aeabec9c56187a8a0de80a7d4cb79b8dc a59e107d30efd7a3d404e0b84b4e8a9541f3aa8492f33d3c4cf15988ffe01bae
GET /e69b0e43-f199-496b-87cc-2daa322bb681 HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: text/html;charset=UTF-8
content-length: 724
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=PbVITkNClEmr-BA-UVXWm9vy16pdbuxJ-aiLGA7az6A; Max-Age=86400; Expires=Thu, 08-Dec-2022 07:49:56 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=K6P3qrLXEsdBlKIH9BYYtrOB269NhQw8yCCcrIZjzCxqO7BErPLYu9zM%2F3YSiFdy%2BXB7q3nKB5RkMSTDnr3%2FFPrwEdArFh84t9H7UuXSt7Ivjxf3uEfYMKyb5WI5mHEOU43VuDb3HhLv4tVf2U6XXw%3D%3D; Max-Age=31536000; Expires=Thu, 07-Dec-2023 07:49:56 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 2.0 kB |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash5db79f094c8ddf3e345bdf82946ffa9d 0eec91eeb12380f7402101ab2bf5c397de57573f 066e3e2c128777206c7dd094e8ff46980103df9fad606855b1b131d4e7eee8ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A17633616BACD38F4F0EC3CCD4694B85F7C5887FC7613B3E50C757E7D3A17529"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12921
Expires: Wed, 07 Dec 2022 11:25:17 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashb22490b02628e79842aa551994331a2e 238870b8a3e6ef3b6a761154e3abee386643597c ef2e0268a5ed0ca7d64dfc1baa3d56d55f4062e4d84972bc9423fe56df585673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17433
Expires: Wed, 07 Dec 2022 12:40:30 GMT
Date: Wed, 07 Dec 2022 07:49:57 GMT
Connection: keep-alive
|
|
| my.rtmark.net/img.gif?f=merge&userId=ab6af67e589f40b090cb212410ca16fd | 139.45.195.8 | 200 OK | 43 B |
URL HTTP/2my.rtmark.net/img.gif?f=merge&userId=ab6af67e589f40b090cb212410ca16fd IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=ab6af67e589f40b090cb212410ca16fd HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:57 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ab6af67e589f40b090cb212410ca16fd; expires=Thu, 07 Dec 2023 07:49:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ouhastay.net/?z=3647676&syncedCookie=true&rhd=false | 139.45.197.239 | 302 Found | 0 B |
URL HTTP/2ouhastay.net/?z=3647676&syncedCookie=true&rhd=false IP139.45.197.239:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /?z=3647676&syncedCookie=true&rhd=false HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://ouhastay.net
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676&var=3647676&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=ab6af67e589f40b090cb212410ca16fd; oaidts=1670399396
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 07:49:57 GMT
content-length: 0
location: https://revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3
x-trace-id: 1b506f9a7b67e6d2ab7385d379ede2c0
link: <https://revpu.sh>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://ouhastay.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ab6af67e589f40b090cb212410ca16fd; expires=Thu, 07 Dec 2023 07:49:57 GMT; path=/; secure; SameSite=None
oaidts=1670399396; expires=Thu, 07 Dec 2023 07:49:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 14 Dec 2022 07:49:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3 | 139.162.186.41 | 302 Found | 1.7 kB |
URL HTTP/2revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3 IP139.162.186.41:0
Hashd4e3d45570fbbcf01967e2f1cbcd9be1 4c9d7700bb4ecda129c8410e02e267e5d9023bbc e29aee29ba85ca81fa8150f7556e0cc5b64b4abb597601c06300a04eabb0e884
GET /redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3 HTTP/1.1
Host: revpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
content-type: text/html; charset=UTF-8
location: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
cache-control: no-cache, private
date: Wed, 07 Dec 2022 07:49:53 GMT
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js | 54.230.111.44 | 200 OK | 705 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js IP54.230.111.44:0
File typeASCII text, with very long lines (705), with no line terminators Hash032c63d7d69c01f1d1e645bd93ff7210 3c0677bd33069b32ac660f354ab807d9625c7e08 a24eef15ae3579a3947bd6798c646fcb8b556a293bfb8c24a00225376a7c0316
GET /_next/static/chunks/4963.2b7c7ead79fd7562.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 705
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "032c63d7d69c01f1d1e645bd93ff7210"
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iwSFy1BQxaPmT2q-4KIwJETYdqtpMW0BrnA5S20XYANOyoarrwvWLQ==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js | 54.230.111.44 | 200 OK | 77 B |
URL HTTP/2www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js IP54.230.111.44:0
File typeASCII text, with no line terminators Hashb6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 77
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "b6652df95db52feb4daf4eca35380933"
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PYvGkjFhrNloGyppOC8-3-VyvTjwyGuyc1CwOXaDGk8_SZrRT_4Aww==
age: 25545
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/otSDKStub.js | 104.16.149.64 | 200 OK | 7.2 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/otSDKStub.js IP104.16.149.64:0
File typeASCII text, with very long lines (21747) Hash6ca9058d9138dc07d9a378e6f20a8b7b ff5f65ad24a8e2b3042cbb0136be7edb52215c1a 1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:58 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Tue, 06 Dec 2022 07:45:09 GMT
etag: 0x8DAD75DCC9E2F9F
x-ms-request-id: b80b8554-f01e-014c-18d0-0959ac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21620
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baaef7e78b51e-OSL
X-Firefox-Spdy: h2
|
|
| production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js | 151.101.85.188 | 200 OK | 11 kB |
URL HTTP/2production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js IP151.101.85.188:0
File typeASCII text, with very long lines (30787) Hash67ef57e9804d6164ab0228529c00634a b6221503720655cb5587ac02ab142e86547752c6 3e017104b5ad4b26d0365897e175f1c912c7d0272bfbf685a61187ed83ab95d8
GET /dist/optanon-v1.1.0.js HTTP/1.1
Host: production-cmp.isgprivacy.cbsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jtR/w/ggy4yJybv8Q6oEEVlLz2NZxrzjcRxyRWtbYV7zCAyFvJhKzrR2NoszBfi2tPd/SVORBTc=
last-modified: Wed, 30 Nov 2022 19:44:06 GMT
etag: "bea9da88ccef790fb77abaea44ea345e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:8320ed39-e573-464a-ae46-962fa1ee7233
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 07:49:58 GMT
via: 1.1 varnish
age: 3581
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 45
x-timer: S1670399398.346333,VS0,VE0
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 10990
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash688b45eb160bc1d3c007143fd57ffca4 fc3d05405c60679f2916d4d7f9456f66ee17b47e fc2909dede0f02f33d873592a40c1617f8097be4e23990e4bde7806b2811c369
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 07:49:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:52:36 GMT
Expires: Mon, 12 Dec 2022 04:52:35 GMT
Etag: "fc3d05405c60679f2916d4d7f9456f66ee17b47e"
Cache-Control: max-age=420757,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775baae81b25b52d-OSL
|
|
| www.helpwire.com/_next/static/css/8f57e9c85b5d5070.css | 54.230.111.44 | 200 OK | 7.1 kB |
URL HTTP/2www.helpwire.com/_next/static/css/8f57e9c85b5d5070.css IP54.230.111.44:0
File typeUnicode text, UTF-8 text, with very long lines (29203), with no line terminators Hash5db6af4ab1283135843f6d49fd7efb0e 88de37b289e332e1b9a9e005b87a27974c0c42e5 2b86d346222169a505668730a09bd55ca6d1212f2d192508d7dac33707cb99a3
GET /_next/static/css/8f57e9c85b5d5070.css HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Wed, 07 Dec 2022 00:44:12 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"dcb484010de231dc283a4396d33734d0"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QLl2xXGcPTJgGXHevrZbQgBgqv1VS3XDcH7gMk3HO8Stg5oONz0GrQ==
age: 25547
X-Firefox-Spdy: h2
|
|
| production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js | 151.101.85.188 | 200 OK | 1.6 kB |
URL HTTP/2production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js IP151.101.85.188:0
File typeASCII text, with very long lines (4276), with no line terminators Hash763348e62c55c7dd9305ec53c9625fb8 4ab12704650190c06e311bb87b1061189aeef8ed ad386546b56fdbc7ca27432d19cc95b00804bad4222e51e2d9edc3e46526c0e2
GET /cps/shamanNotifier.js HTTP/1.1
Host: production-cmp.isgprivacy.cbsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: uubeTO18Dft9kzTBI/Toah17xX2B9HhMK6uDNdisIz7t5yffuVq6RDpXmOO3yypBeEdy+jCZy8Q=
last-modified: Fri, 22 Jul 2022 19:02:28 GMT
etag: "3e0cf3a78511da0d4110ac814d88e0ec"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:65247f02-0cba-4f78-bd98-f251a31929ac
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 07:49:58 GMT
via: 1.1 varnish
age: 2281
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 33
x-timer: S1670399398.378109,VS0,VE0
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1598
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash541d323f2c62a599adac414d865ddea0 1b7c289efa8d0e4db32591c80bb52d6d025227fb ab5ac61bf4987f08a14e137f5feccab888ca32e2f74d2f0196ae4d92cf7017d9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 07:49:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 00:46:22 GMT
Expires: Tue, 13 Dec 2022 00:46:21 GMT
Etag: "1b7c289efa8d0e4db32591c80bb52d6d025227fb"
Cache-Control: max-age=492382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775baaefcb65fabc-OSL
|
|
| cdn.galattic.com/bidder/cbs/filter.js | 95.110.203.212 | 200 OK | 424 B |
URL HTTP/1.1cdn.galattic.com/bidder/cbs/filter.js IP95.110.203.212:0
File typeASCII text, with very long lines (337) Hash7ce4858083c37871907f2f338f4371a0 1e0050323a2b1216eb0e9d2c0091ee91659a0503 8c6c7f84863db2932af068a41425b1532fa27df39688fdb0e016c336dfb74145
GET /bidder/cbs/filter.js HTTP/1.1
Host: cdn.galattic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 10:02:41 GMT
Content-Type: application/javascript
Content-Length: 424
Connection: keep-alive
Last-Modified: Wed, 03 Aug 2022 11:33:13 GMT
ETag: "2be-5e55499294238-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cacheable: YES
cache-control: max-age=900
X-UnsetCookies: TRUE
X-Varnish: 163323437 587140619
Via: 1.1 varnish (Varnish/5.2)
age: 0
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| cdn.galattic.com/bidder/pm.v2.js | 95.110.203.212 | 200 OK | 5.1 kB |
URL HTTP/1.1cdn.galattic.com/bidder/pm.v2.js IP95.110.203.212:0
File typeASCII text, with very long lines (537) Hash7b1ee989885daae551165c112a58d3b3 baa841b1efd1d200195d210ba5384d0e3707ed45 f469628f6362b1dac4bd5b82394cceb85366ca1fe5346d2591ac21786d221bad
GET /bidder/pm.v2.js HTTP/1.1
Host: cdn.galattic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 10:02:41 GMT
Content-Type: application/javascript
Content-Length: 5091
Connection: keep-alive
Last-Modified: Wed, 27 Jul 2022 12:40:52 GMT
ETag: "3642-5e4c8ba3332cf-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cacheable: YES
cache-control: max-age=900
X-UnsetCookies: TRUE
X-Varnish: 155965410 482902296
Via: 1.1 varnish (Varnish/5.2)
age: 0
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| www.helpwire.com/scripts/optanonApiBootstrap.js | 54.230.111.44 | 200 OK | 541 B |
URL HTTP/2www.helpwire.com/scripts/optanonApiBootstrap.js IP54.230.111.44:0
Hasha350eef484fa9186bf408beda6538334 39838a84ccd3d3407b873bf64d20830ee1174a9e 759eb2ef0ee7c0dd29b8d3d17f9d4b3da3549ff715fa764745cb5129ccc53009
GET /scripts/optanonApiBootstrap.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 541
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "a350eef484fa9186bf408beda6538334"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j3yrWlaJ5QL1oevxVkfyXav6-nscD2xuncl7mxYKuJSbDZRmfc2hPQ==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/google_head.js | 54.230.111.44 | 200 OK | 123 B |
URL HTTP/2www.helpwire.com/scripts/google_head.js IP54.230.111.44:0
Hashf8c8167390a88fb75b4faac761c487e5 ab257ec7e73a989a17553450985fcfd660be8e7a 1278654f4fa2f333df55a3f0ef92282fdfb657dd40b952e17c84f2372ef76727
GET /scripts/google_head.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 123
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "f8c8167390a88fb75b4faac761c487e5"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IWMU-_CPpgjoqMlH782z3qtmoqjnSVzBag32T2peo3pQP845GpQcyg==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/jquery.js | 54.230.111.44 | 200 OK | 734 B |
URL HTTP/2www.helpwire.com/scripts/jquery.js IP54.230.111.44:0
Hash8ffe2fe575d8d70031baae73f19cbaeb c5afaec856ef45509bd5e9fda32c72ca62cbaf6d 3704ddc18365094439dcd2fbb36cbefec4e69c0b81c3dd6331d886984f29cab6
GET /scripts/jquery.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 734
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "8ffe2fe575d8d70031baae73f19cbaeb"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: owoJ0W9YJAtbqUt8yBVHPRGJs4mdBjmfZ6G6_BqJjTs31FjM7H8kmA==
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js | 104.17.25.14 | 200 OK | 27 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP104.17.25.14:0
File typeASCII text, with very long lines (32058) Hashb51f9d778be466703e73aceee13d836d cc5cd9dd2b48712dcf90f14a1ff19d729c43e378 f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6068028
expires: Mon, 27 Nov 2023 07:49:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwRw0Yn%2FVlfpVeQRQkakEfgHJ8DP5vnDRLmj9DPiGcJhDYwvuxON%2BWDwX9ToGY2iX5oRCRxJCHikq6WBPUVArBeDfSIs6FiE1UOoe3mlOxI2uqBSkGhqObkd4i8uS%2FI183wqtGou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775baaf3ad6fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/google_body.js | 54.230.111.44 | 200 OK | 2.7 kB |
URL HTTP/2www.helpwire.com/scripts/google_body.js IP54.230.111.44:0
Hash57664793a37b51961575609e9cc92595 f18b6c6f64481e0c9f347705436f6899d9f2b6c0 b084dd67731337c351f7736cb59ba5d490be1d20673320437a8cd3dacddcf2a6
GET /scripts/google_body.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"bc241cfddb77e291a3781f1946b1796e"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D1SdVi31sVkavZgXGBjSzkfaYivcWDCn8GQfANtn8jcOJtjp-iPIXA==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75 | 54.230.111.44 | 200 OK | 1.5 kB |
URL HTTP/2www.helpwire.com/_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75 IP54.230.111.44:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash496eacb1c842a860b2605faa05ae0140 fdc7453e70ea04ad9398e2ef803acf5f0dea7b18 f45991b0020bcbd31ffb521f726d70d73c34574dde21552dacd8fb0053a12890
GET /_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75 HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 1502
server: CloudFront
date: Wed, 07 Dec 2022 07:49:59 GMT
cache-control: public, max-age=60
etag: "9FmRsAILy9Mf+1Ifcm1w1zw0V03eIVUtrNj7AFOhKJA="
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UT38T1DlgQWIQ_MEOul6v4LvDxtWygnWykh5O5itVcKWEN2rS_mHw==
X-Firefox-Spdy: h2
|
|
| ouhastay.net/afu.php?zoneid=3647676 | 139.45.197.239 | 200 OK | 11 kB |
URL HTTP/2ouhastay.net/afu.php?zoneid=3647676 IP139.45.197.239:0
Hashbd923c1615c26dca808cc2759f9b3b22 4529cf467980b3112aab275d6bde30c4a2665fba 58a1cd86bd758f308eacca566e76222b749dcf9b1b070cc1d143875e4a43bd46
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /afu.php?zoneid=3647676 HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: text/html; charset=utf8
x-trace-id: 39394a0db5fca3ea3e489ea6eda58151
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ab6af67e589f40b090cb212410ca16fd; expires=Thu, 07 Dec 2023 07:49:56 GMT; path=/; secure; SameSite=None
oaidts=1670399396; expires=Thu, 07 Dec 2023 07:49:56 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash44ecaa3c2a4929a40141edc4540aaf84 f29a573182333b2500d41bfc389d6c5232dfb348 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 44PIJw552i3lhnwxN1BukLUoUG//UUXQf7NN89j59QbAx+d8Sq2S/TneIL5ACOjgl6HdZDEy1/AdR4DxJO2m0w==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 07 Dec 2022 07:49:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash9084a518c70ad57bb3226fb519b648fd 79348ebe6f5900a035d4d65e08a7409fd9708f15 f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash81a7e0ed8b45460991a7d9b719423d48 fa4824b64d5484b955cecebbeea06710ced4fba5 2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.helpwire.com/_next/static/chunks/7203.d962e336ccf4b740.js | 54.230.111.44 | 200 OK | 3.5 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/7203.d962e336ccf4b740.js IP54.230.111.44:0
Hash3523234266ace489b09e3cad22218c1b a37d95fd212f4e46c52cde0407bb07753361d3d4 c28ba56a42e13180952ec9cd314311703f56c47206cccd457688be3c60d87c5d
GET /_next/static/chunks/7203.d962e336ccf4b740.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"ba529874fcd0e69dfd8c9126603ba23b"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5_7AL-jYnBWp2R22QGTubrlQE_1tx-jDT2lJ-IJ3_l4O0TSi1Ebh2g==
age: 25546
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd44205a852cedc47da2373b3542f2ca0 884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82 f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2118
Cache-Control: max-age=106473
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 13:24:32 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
|
|
| www.googletagservices.com/tag/js/gpt.js | 142.250.74.162 | 200 OK | 28 kB |
URL HTTP/2www.googletagservices.com/tag/js/gpt.js IP142.250.74.162:0
File typeASCII text, with very long lines (40252) Hash9f220d7f24304047ffe2176bb485bc01 f91c90d658491f94e73dfc9855c47b8fa877dff6 abfca8bf66c69e0e2136f9609c0ded21b387fdcef710b40618dee7ad4d070631
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27564
date: Wed, 07 Dec 2022 07:49:59 GMT
expires: Wed, 07 Dec 2022 07:49:59 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1414 / 978 of 1000 / last-modified: 1670367953"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash81a7e0ed8b45460991a7d9b719423d48 fa4824b64d5484b955cecebbeea06710ced4fba5 2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashcd6dabd083ee1c237c8ea3ba38cc48d5 bbe4420bf1c0fe0d5621336865563418d2f16f39 c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.helpwire.com/assets/helpwire/favicon.ico | 54.230.111.44 | 200 OK | 18 kB |
URL HTTP/2www.helpwire.com/assets/helpwire/favicon.ico IP54.230.111.44:0
File typeMS Windows icon resource - 4 icons, 16x16, 8 bits/pixel, 24x24, 32 bits/pixel\012- data Hash8c88e3b6919c49409bd9744ee68c5511 70c07b82f79743ca83711009dc42985580b078fe e676a7382a18b26fe268599dbd08bfd5380eafd20042f544b25d00df10a35f09
GET /assets/helpwire/favicon.ico HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 17798
date: Wed, 07 Dec 2022 07:50:00 GMT
last-modified: Wed, 07 Dec 2022 00:38:34 GMT
etag: "8c88e3b6919c49409bd9744ee68c5511"
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ptWbaeWjzdrAsTZyUtA5Bh4Y4wPpU_T8GEuLUSz3PnfyFy04uKqYyg==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashaa0e64420f718aa4713e3f080b8d4099 927435ff8af66fa63c34aa0670ae80a997d59cd9 f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js | 54.230.111.44 | 200 OK | 2.3 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js IP54.230.111.44:0
Hash956712cb5676f1b81122c424244c9cd8 35bb3e0f853e2139ebd87f2a161af558862c476e 52fc1bb0027a191d8d2bd131804af4d3223952393d614fe8b3d8ca2b12308655
GET /_next/static/chunks/3493.e102016899dee344.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"1fe1f60389ad9fd611c6389ff6e2611e"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NVnz81SeCwsAtjcZb1LymOk22DRCuLASVrZPePW4yXo0fmFsYcf6cA==
age: 25546
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/5675-87136af191a34387.js | 54.230.111.44 | 200 OK | 138 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/5675-87136af191a34387.js IP54.230.111.44:0
Size138 kB (137775 bytes) Hash2a83f0fd5c268b15a54a602999c7c524 d99bf440582ff0153e1f974d1505490a3c0364f6 ba401e86aa8b1102ef11cae33f1de5d458e2b222e90d2f7baf9a5531ed5d47b4
GET /_next/static/chunks/5675-87136af191a34387.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e195706c78902e7db3c14efa1580fee1"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FH5VFq3U88f1lAuLx4X3i1ZV2_doyyzESIFa1479UQI_pJekOX-XUA==
age: 25546
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/2489-8969c03bb192615f.js | 54.230.111.44 | 200 OK | 19 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/2489-8969c03bb192615f.js IP54.230.111.44:0
File typeASCII text, with very long lines (65536), with no line terminators Hash4a74cfef91e7e9a2c6d1a31750f01b42 922ca1d9f86aa8ae93896f893beec1cc09bbb2b5 918cc1809a09c3680f534b4d2e19313ca7cc1679c571d5978b22b6d465bf1909
GET /_next/static/chunks/2489-8969c03bb192615f.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"91e4cc118694d429f40b290fabc6c486"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9EAOkRFOM9HWK1VQzL3DvZz-iPkjA93MDBK-oJ5hNfTzanEYhq72Kg==
age: 25546
X-Firefox-Spdy: h2
|
|
| www.google.com/adsense/search/ads.js | 216.58.207.228 | 200 OK | 65 kB |
URL HTTP/2www.google.com/adsense/search/ads.js IP216.58.207.228:0
Hash6802d5f05332e6d2729346f84760f7b8 18c5832624dfbdb30e036503360d195e9ae5c5c5 dbf5db00f477984a70311f12ade650985994b01bbf36ccece004aba800251b7b
GET /adsense/search/ads.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 07 Dec 2022 07:49:59 GMT
expires: Wed, 07 Dec 2022 07:49:59 GMT
cache-control: private, max-age=3600
etag: "9619119662420944098"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js | 54.230.111.44 | 200 OK | 1.5 kB |
URL HTTP/2www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js IP54.230.111.44:0
Hash70d81483e66461e910413230d9388792 bbf5db7a85e13b358ca5353d028673eef59a3a16 f2f176525e776c1b6ed819a88dda181d80f7eeac3a587dc6a6362d8e84ac6a89
GET /_next/static/chunks/pages/_app-ae91de5da9f4357b.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"63a86bcb0a35020870cc81256fbc1581"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tX8eowMkNb4O_YGrib5fVkyMV7uF2cyy_TLN4xxLXlSRye1os-LyoQ==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670399399484&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670399399484.951219127&it=1670399399143&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670399399484&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670399399484.951219127&it=1670399399143&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670399399484&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670399399484.951219127&it=1670399399143&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 07:49:59 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashb746371785ba1bc6cb2cc00c52bde896 20009dbca55e8dcce2a4d2ac36111204c70d53cb 996b87c3a6dcd333df24be291f9e2b7b5631fbc3f0809f04c47cd76043a466f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2732
Cache-Control: max-age=104205
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Etag: "638f2f09-117"
Expires: Thu, 08 Dec 2022 12:46:44 GMT
Last-Modified: Tue, 06 Dec 2022 12:01:13 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| geolocation.onetrust.com/cookieconsentpub/v1/geo/location | 104.18.27.85 | 200 OK | 81 kB |
URL HTTP/2geolocation.onetrust.com/cookieconsentpub/v1/geo/location IP104.18.27.85:0
File typeJSON data\012- , ASCII text, with very long lines (65383) Hash38e517680dcae46b2de7da0a82bdfe27 d259149805855d6becd76f5e10ac42938eb6d72d 0f78d5a28a0053e52ca52c273dca0ca11a34eda87b259c4f39cdfee1d6dd52fc
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.helpwire.com
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:59 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775baaf94ffe0b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json | 104.16.149.64 | 200 OK | 13 kB |
URL HTTP/2cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json IP104.16.149.64:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (50338), with no line terminators Hashfa3718df3afd6e77692e4439dafd9f43 7948e94914845712bfcde422358430aa7f802b2f 773000749ff033354710f616a152ee9c13cc6004e08dcd883fc114815716d675
GET /consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:59 GMT
content-type: application/x-javascript
content-length: 13391
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: +jcY3zr9bndpLkQ52v2fQw==
last-modified: Tue, 27 Sep 2022 17:18:58 GMT
etag: 0x8DAA0AC5CF2AD31
x-ms-request-id: ceb7e151-301e-00ff-4795-d2e57e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 8078
expires: Thu, 08 Dec 2022 07:49:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baaf9ec13b521-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcTab.json | 104.16.149.64 | 200 OK | 12 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcTab.json IP104.16.149.64:0
File typeJSON data\012- , ASCII text, with very long lines (36232) Hash5a9bd274ec42175644c81d3d3a9dfd4f 48456f3b2295d725ed3e241afb5f02c57325aab0 cc3efa846541bfb923aa1ca04687dde040cf9cf7781855655077b4429b61b9d9
GET /scripttemplates/6.32.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:50:00 GMT
content-type: application/json
content-length: 11931
content-encoding: gzip
content-md5: WpvSdOxCF1ZEyB09Op39Tw==
last-modified: Fri, 18 Mar 2022 16:29:17 GMT
etag: 0x8DA08FC7270043D
x-ms-request-id: e1fa97ac-e01e-011c-7fad-5646a4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 3074
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baafa1c52b521-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json | 104.16.149.64 | 200 OK | 2.6 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json IP104.16.149.64:0
File typeJSON data\012- , ASCII text, with very long lines (7860) Hashb287063f84278e7a19dd038cdf2ed9b6 ad982f153b4e3fab6f0a33714d7ba60fc963c5f0 aafb5e4fd2ee23d7b06bbdbd0be1c00ca7f804fb29e9171f2a97995e3644bb36
GET /scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:50:00 GMT
content-type: application/json
content-length: 2565
content-encoding: gzip
content-md5: socGP4QnjnoZ3QOM3y7Ztg==
last-modified: Fri, 18 Mar 2022 16:29:16 GMT
etag: 0x8DA08FC71DCDA25
x-ms-request-id: aab9ca01-701e-00da-19b4-567dcd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 3074
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baafa0c3db521-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashe212a52bff44776e39a0d58077799be4 248f12fb3e0421e97d05f5f0d9475f7fbc8e06c7 8231e2fdacf43a377bf9c619a52ef742f447081ca03a043bf4bf9ca12403f85f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5213
Cache-Control: max-age=146998
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:50:02 GMT
Etag: "638fcc83-118"
Expires: Fri, 09 Dec 2022 00:40:00 GMT
Last-Modified: Tue, 06 Dec 2022 23:13:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
|
|
| www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js IP54.230.111.44:0
GET /_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e15eeefc27e2f5e37f3cbb8759623c5b"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pxb_B48733R9l-Yn1U4c32hUrFbCww37uYY3sNS5CxtwvPzqeYN3Tw==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js IP54.230.111.44:0
GET /_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"58ae92e18213cfd5cd715261c7a63634"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c7mAbZPz0BmnZH_BQxQf7bbZyE90ndwqLhempjTFR2xe9xVHbwBxzA==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/google_rs_body.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/scripts/google_rs_body.js IP54.230.111.44:0
GET /scripts/google_rs_body.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"8d537ab256654672dd15b33bb8ac6eac"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mpeXwQcEqsZFxIxzmbTJlGD7iyt_vWTfXy-8lRghNO2gE1Ci_fRxOA==
X-Firefox-Spdy: h2
|
|
| track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ | 18.192.108.151 | 200 OK | 0 B |
URL HTTP/2track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ IP18.192.108.151:0
GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=PbVITkNClEmr-BA-UVXWm9vy16pdbuxJ-aiLGA7az6A; cc-v4=K6P3qrLXEsdBlKIH9BYYtrOB269NhQw8yCCcrIZjzCxqO7BErPLYu9zM%2F3YSiFdy%2BXB7q3nKB5RkMSTDnr3%2FFPrwEdArFh84t9H7UuXSt7Ivjxf3uEfYMKyb5WI5mHEOU43VuDb3HhLv4tVf2U6XXw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js IP54.230.111.44:0
GET /_next/static/chunks/webpack-6bf17bd08c9c0c1f.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"6352db52f27a8ed05afa440d06cfbe9e"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XW-QsOIbrsF1DYUJkDTnfbhnXPU2SZVQSxkNwBSF3OSdNGb8u1mBSQ==
age: 25545
X-Firefox-Spdy: h2
|
|
| exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} | 172.67.155.44 | 200 OK | 0 B |
URL HTTP/2exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP172.67.155.44:0
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: exceptionalphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:54 GMT
content-type: text/html
last-modified: Mon, 13 Jun 2022 09:09:10 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShVjGM34%2BqJe4injq%2FJsXcQUUoTroJefk6Fi1L4ZE9yj6zMqUEWoQ38tjecGi%2BDvU9O1vIEiiKjUWEyFbSZt5NNARM6S93i53SSU3s1o0b9JTGD5Bl0pjLwYQs1qswSo7oM9ze9G1ZRoe8jgdcyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775baad44a2c0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js IP54.230.111.44:0
GET /_next/static/chunks/framework-a661be0ab3977016.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"42969190930a47add78d0553ad3decd6"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zocqguCgsMdmgI4f4svzwTXuoxJT28c7L-io9AoTV_M--ZKcH1KESQ==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js IP54.230.111.44:0
GET /_next/static/chunks/main-b9cb64723e338c4c.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"2fb1f137ee1b94f6d707d0e5bb718d68"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wf9nD7h5JGl7JpfdcYwbLiTnsANCHwaqo6zX0d7PqBmPKyltNUyeEQ==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js IP54.230.111.44:0
GET /_next/static/chunks/9063-1bec776d34b6942e.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"4e505b655b165ba96b14f7a6ad8d06f9"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GQ5QL8GPz6O7dciNCOB9MvV5UJJEdNElwHQICcIaCe_ZCkKulHt8WA==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js IP54.230.111.44:0
GET /_next/static/chunks/2121-4fe4ce6739beb5e7.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"df06edd9f2d58887377191e1def2d748"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SprQrdiKaFBnS4YgEvn5SW1qXGoJgDVQdN2mfvfPx9dQ72ZBxKPVxg==
age: 25545
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/scripts/fb.js?v=0 | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/scripts/fb.js?v=0 IP54.230.111.44:0
GET /scripts/fb.js?v=0 HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:50:00 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e9075df74bdbf0956f03b84308a735d8"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WJbRNB42CsVLLRLhIya3UMsaVu1M3e7uMyTH4sXBVeEQ5lQkBLY16w==
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd IP54.230.111.44:0
GET /articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: CloudFront
date: Wed, 07 Dec 2022 07:49:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: public, max-age=600, s-maxage=1200, stale-while-revalidate=60
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP 8.1.2
set-cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}; path=/; secure; httponly
etag: W/"uajfq4f7y5xf0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wfV1g5lGYJP8AXnodR0t8u0tf4N0LHGKhU05Q7_yxeqlwzb6stByaw==
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css | 104.16.149.64 | 200 OK | 0 B |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css IP104.16.149.64:0
GET /scripttemplates/6.32.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:50:00 GMT
content-type: text/css
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
last-modified: Fri, 18 Mar 2022 16:29:27 GMT
x-ms-request-id: 27c0e757-101e-00a7-5d44-66e105000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 3074
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baafa1c56b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/9669-97c5cf1761642ab6.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/9669-97c5cf1761642ab6.js IP54.230.111.44:0
GET /_next/static/chunks/9669-97c5cf1761642ab6.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"3b84c3631391d301a78a469413875f14"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZIMmFWdRgD1Rul-mDdjM4iFNf_MoZ41pVoVNZCc4KxCB8hsROI4TLQ==
age: 25546
X-Firefox-Spdy: h2
|
|
| www.helpwire.com/_next/static/chunks/5729.31080824f0d629b2.js | 54.230.111.44 | 200 OK | 0 B |
URL HTTP/2www.helpwire.com/_next/static/chunks/5729.31080824f0d629b2.js IP54.230.111.44:0
GET /_next/static/chunks/5729.31080824f0d629b2.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"489a9bb7ca6f3965afd3155a5050414d"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pBJPYQzktOe29tPgSdY68-R_mtzT8KAqrh3eeMw2aQar7UjDGYIwHg==
age: 25545
X-Firefox-Spdy: h2
|
|